ICSA-25-289-01
·
Published 2025-10-16
·
View on CISA ICS-CERT ↗
Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7
CVSS 7.5
HIGH
Risk Summary
Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to access to the device's file system.
CVEs (2)
Remediations
- Rockwell Automation encourages users of the affected software to apply the following risk mitigations, if possible:
- For CVE-2025-9064, update FactoryTalk View ME V15.00 and later on ASEM 6300 IPC's-Patch BF31001.
- For CVE-2025-9063 and CVE-2025-9064, update PanelView Plus 7 Performance Series B V14.103 firmware package.
- Rockwell Automation encourages users of the affected software who are unable to upgrade to one of the corrected versions to follow Rockwell Automation's security best practices.
- For more information, visit Rockwell Automation Security Advisories for more information.
Affected Vendors
Rockwell Automation
Affected Products (2)
Rockwell Automation
·
FactoryTalk View Machine Edition
<V15.00
Rockwell Automation
·
PanelView Plus 7
V14.100
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more