Rockwell Automation has issued advisories for critical and high-severity vulnerabilities across its products, including FactoryTalk, Micro800, and ControlLogix. These flaws involve remote code execution, privilege escalation, and denial-of-service attacks, but none have been exploited yet. #RockwellAutomation #CISA #FactoryTalk #Micro800 #ControlLogix
Keypoints
- Rockwell Automation disclosed multiple critical and high-severity vulnerabilities in its products.
- Fixes have been released for CVE-2025-7972 in FactoryTalk Linx, enabling potential driver manipulation.
- Micro800 PLCs are affected by vulnerabilities in Azure RTOS that allow remote code execution.
- ControlLogix products had a remote code execution flaw addressed by the company.
- Various high-severity flaws include DoS, privilege escalation, and information exposure, with no known exploitation.