Rockwell Automation FactoryTalk Linx

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities may allow full access to all files, processes, and system resources.

CVE-2025-9067 CVE-2025-9068

Rockwell Automation recommends users of the affected software consider installing the Microsoft patch to address the MSI issue. If possible, users should also upgrade to version 6.50 or later. Users of the affected software unable to upgrade to one of the corrected versions should follow Rockwell Automation's security best practices.
For more information, see Rockwell Automation's security advisory SD1754.
CISA recommends users take the following measures to protect themselves from social engineering attacks:
Do not click web links or open attachments in unsolicited email messages.
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

Rockwell Automation

Rockwell Automation · FactoryTalk Linx <=6.40

Critical Manufacturing

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.