CVE-2025-9063
Last modified
CVE-2025-9063 is a high-severity vulnerability rated 7/10 on the CVSS scale. An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs, and more.. EPSS estimates a 0.37% chance of exploitation in the next 30 days.
Description
An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs, and more.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | Factorytalk View | <= 15.0 |
References
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-9063?
How severe is CVE-2025-9063?
How do I fix CVE-2025-9063?
Are you affected by CVE-2025-9063?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST