Summary
Successful exploitation of this vulnerability could result in an attacker executing privileged operations.
The following versions of Rockwell Automation FactoryTalk Analytics PavilionX are affected:
- FactoryTalk Analytics PavilionX <7.01 (CVE-2025-14272)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3: 7.0 | Rockwell Automation | Rockwell Automation FactoryTalk Analytics PavilionX | Missing Authorization |
Background
- Critical Infrastructure Sectors: Critical Manufacturing
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: United States
Vulnerabilities
CVE-2025-14272
A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including user/role management and other administrative actions.
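The defect class named above, CWE-862 in an API route, comes down to a handler that never consults the caller's identity before doing privileged work. The following is an added illustration, not code from PavilionX or Rockwell Automation: a role-change handler written without any authorization check beside the same handler behind a deny-by-default role requirement, plus a small audit that lists privileged routes with no such requirement. The route path, principal names and the in-memory role table are all constructed for the example.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Principal:
    name: str
    roles: frozenset


@dataclass
class Request:
    path: str
    principal: Optional[Principal] = None  # None models an unauthenticated caller


class Forbidden(Exception):
    pass


def new_store():
    # Constructed user/role table standing in for a product's user-management backend.
    return {"alice": {"operator"}}


# BEFORE (CWE-862 pattern): the handler assumes only administrators can reach the
# route and never looks at req.principal, so any caller able to send the request
# can change roles.
def set_role_vulnerable(req, store, user, role):
    store.setdefault(user, set()).add(role)
    return sorted(store[user])


# AFTER: privileged routes declare the roles they require; an absent principal or a
# missing role is rejected before the handler body runs.
def require_roles(*needed):
    def decorate(fn):
        def wrapper(req, *args, **kwargs):
            p = req.principal
            if p is None or not set(needed) <= p.roles:
                raise Forbidden(f"{req.path} requires roles {sorted(needed)}")
            return fn(req, *args, **kwargs)
        wrapper.__authz__ = frozenset(needed)  # marker inspected by audit_routes
        return wrapper
    return decorate


@require_roles("admin")
def set_role_hardened(req, store, user, role):
    store.setdefault(user, set()).add(role)
    return sorted(store[user])


def audit_routes(routes):
    """Return the names of registered handlers that carry no authorization marker."""
    return sorted(name for name, fn in routes.items() if not hasattr(fn, "__authz__"))
```

Running `audit_routes` over the route table at startup or in CI turns a missing check on an administrative endpoint into a failing build rather than a field report.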
Affected Products
- Rockwell Automation FactoryTalk Analytics PavilionX: versions <7.01 (known affected)
Remediations
Vendor fix
Rockwell Automation recommends users update FactoryTalk Analytics PavilionX software to version 7.01 or later. The upgrade can be downloaded from the Rockwell Automation Download Center: https://www.rockwellautomation.com/en-us/support/product/product-downloads.html
Mitigation
See Rockwell Automation’s SD1777 advisory for more information: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1777.html
Relevant CWE: CWE-862 Missing Authorization
Metrics
| CVSS Version | Base Score | Base Severity | Vector String |
|---|---|---|---|
| 3.1 | 7 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L |
| 4.0 | 8.3 | HIGH | CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N |
Acknowledgments
- Rockwell Automation reported this vulnerability to CISA
Legal Notice and Terms of Use
This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability.
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that a VPN is only as secure as the devices connected to it.
CISA reminds organizations to perfo
[…]