Advisory

Rockwell Automation reports flaws in FactoryTalk View Machine Edition system, one critical

Take action: If you are running Rockwell Automation FactoryTalk View ME, take note of these flaws. As a first step, isolate the affected systems, both physically and at the network level, to trusted access only. Then plan a patch cycle: this is not a panic-mode patch, but anyone who gains access, either physically or on the same network, can compromise the system.


Learn More

Rockwell Automation has disclosed two critical security vulnerabilities affecting all versions of FactoryTalk View Machine Edition (ME) prior to version 15.0. These vulnerabilities could allow attackers to execute code with elevated privileges on affected systems.

Vulnerability summary

  • CVE-2025-24480 (CVSS score 9.3) - Remote Code Execution Vulnerability. Allows remote command execution with high privileges due to a lack of input sanitization.
  • CVE-2025-24479 (CVSS score 8.6) - Local Code Execution Vulnerability. Allows access to a command prompt as a higher-privileged user due to a default Windows setting.

Remediation and mitigation steps:

  1. For CVE-2025-24479 - upgrade to Version 15.0 or apply patch AID 1152309. Until patched, control physical access to the system.
  2. For CVE-2025-24480 - upgrade to Version 15.0 or apply patches AID 1152331 and 1152332. Until patched, protect network access to the device and strictly constrain the parameters of invoked functions.

Users are advised to always minimize network exposure for control system devices, place them behind firewalls, isolate them from business networks, and use secure access methods such as VPNs.

CISA reports no known public exploitation targeting these vulnerabilities at the time of the advisory.
