Rockwell Automation FactoryTalk View
By the Year
In 2026 there have been 0 vulnerabilities in Rockwell Automation FactoryTalk View. Last year, in 2025, FactoryTalk View had 2 security vulnerabilities published. Right now, FactoryTalk View is on track to have fewer security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 0.00 |
| 2024 | 7 | 8.57 |
| 2023 | 1 | 7.50 |
| 2022 | 2 | 6.65 |
| 2021 | 0 | 0.00 |
| 2020 | 4 | 7.03 |
It may take a day or so for new FactoryTalk View vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Rockwell Automation FactoryTalk View Security Vulnerabilities
FactoryTalk View Machine Edition Path Traversal Deletes Files on Panels OS
CVE-2025-9064
- October 14, 2025
A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panel's operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted.
Authentication
FactoryTalk ViewPoint Unauth XXE via SOAP Causing Temp DoS
CVE-2025-9066
- October 14, 2025
A security issue was discovered within FactoryTalk® ViewPoint, allowing unauthenticated attackers to achieve XXE. Certain SOAP requests can be abused to perform XXE, resulting in a temporary denial-of-service.
Improper Input Validation
RCE via public dir allows macro RCE in unknown product
CVE-2024-37365
7.8 - High
- November 12, 2024
A remote code execution vulnerability exists in the affected product. The vulnerability allows users to save projects within the public directory allowing anyone with local access to modify and/or delete files. Additionally, a malicious user could potentially leverage this vulnerability to escalate their privileges by changing the macro to execute arbitrary code.
Full RCE via Chained PT + CI + XSS in Unknown Product
CVE-2024-45824
9.8 - Critical
- September 12, 2024
A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path Traversal, Command Injection, and XSS Vulnerabilities and allows for full unauthenticated remote code execution. The link in the mitigations section below contains patches to fix this issue.
Command Injection
Code Exec via Default Permission Leak
CVE-2024-7513
8.8 - High
- August 14, 2024
A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by an account with elevated permissions.
Incorrect Permission Assignment for Critical Resource
Privilege Escalation via Script Editing / ACL Bypass in Unknown Product
CVE-2024-37369
8.8 - High
- June 14, 2024
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system.
Incorrect Permission Assignment for Critical Resource
Auth Bypass in Rockwell FactoryTalk View SE v12 via FTView
CVE-2024-37367
7.5 - High
- June 14, 2024
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer's server to view an HMI project. This action is allowed without proper authentication verification.
Authentication
FactoryTalk View SE Authentication Bypass via Remote FTView
CVE-2024-37368
7.5 - High
- June 14, 2024
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer's server to view an HMI project. Due to the lack of proper authentication, this action is allowed without proper authentication verification.
Missing Authentication for Critical Function
SQL Injection in Rockwell Automation FactoryTalk View SE Datalog Function
CVE-2024-4609
9.8 - Critical
- May 16, 2024
A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor could potentially modify and delete the data in a remote database. An attack would only affect the HMI design time, not runtime.
SQL Injection
FactoryTalk View DoS via Insufficient Input Validation
CVE-2023-46289
7.5 - High
- October 27, 2023
Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send malicious data, bringing the product offline. If exploited, the product would become unavailable and require a restart to recover, resulting in a denial-of-service condition.
Improper Input Validation
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm
CVE-2020-14481
7.8 - High
- February 24, 2022
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user's operating system and certain components of FactoryTalk View SE.
Inadequate Encryption Strength
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM)
CVE-2020-14480
5.5 - Medium
- February 24, 2022
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials.
Cleartext Storage of Sensitive Information
In all versions of FactoryTalk View SE, after bypassing memory corruption mechanisms found in the operating system, a local, authenticated attacker may corrupt the associated memory space
CVE-2020-12031
7.5 - High
- July 20, 2020
In all versions of FactoryTalk View SE, after bypassing memory corruption mechanisms found in the operating system, a local, authenticated attacker may corrupt the associated memory space allowing for arbitrary code execution. Rockwell Automation recommends applying patch 1126290. Before installing this patch, the patch rollup dated 06 Apr 2020 or later MUST be applied. 1066644 Patch Roll-up for CPR9 SRx.
Buffer Overflow
All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system
CVE-2020-12027
4.3 - Medium
- July 20, 2020
All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system. A remote, authenticated attacker may be able to leverage this information for reconnaissance efforts. Rockwell Automation recommends enabling built-in security features found within FactoryTalk View SE. Users should follow guidance found in knowledge base articles 109056 and 1126943 to set up IPSec and/or HTTPS.
Information Disclosure
In all versions of FactoryTalk View SE, a remote
CVE-2020-12028
7.3 - High
- July 20, 2020
In all versions of FactoryTalk View SE, a remote, authenticated attacker may be able to utilize certain handlers to interact with the data on the remote endpoint since those handlers do not enforce appropriate permissions. Rockwell Automation recommends enabling built-in security features found within FactoryTalk View SE. Users should follow guidance found in knowledge base articles 109056 and 1126943 to set up IPSec and/or HTTPS.
Permissions, Privileges, and Access Controls
All versions of FactoryTalk View SE do not properly validate input of filenames within a project directory
CVE-2020-12029
9 - Critical
- July 20, 2020
All versions of FactoryTalk View SE do not properly validate input of filenames within a project directory. A remote, unauthenticated attacker may be able to execute a crafted file on a remote endpoint that may result in remote code execution (RCE). Rockwell Automation recommends applying patch 1126289. Before installing this patch, the patch rollup dated 06 Apr 2020 or later MUST be applied. 1066644 Patch Roll-up for CPR9 SRx.
Improper Input Validation