Rockwell Automation has released a security advisory addressing a critical security bypass vulnerability in its FactoryTalk Linx industrial automation software. Tracked as CVE-2025-7972 and rated CVSS 9.0, the flaw could allow attackers to bypass authentication mechanisms and make unauthorized changes to industrial network configurations.
According to Rockwell Automation, “A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation.”
This bypass grants attackers the ability to create, update, and delete FTLinx drivers—actions that could disrupt communications between industrial devices, potentially halting production or causing unsafe operational conditions.
The affected products include:
- FactoryTalk Linx: all versions prior to 6.50.
The issue has been fixed in version 6.50 and later.
The vulnerability affects the Network Browser feature, a core component used to manage and configure communication paths in industrial control systems (ICS). If exploited, an attacker with access to the affected environment could:
- Alter communication paths between control devices.
- Remove or corrupt driver configurations.
- Introduce rogue devices into the control network.
Given the high CVSS score and the potential for operational disruption, Rockwell Automation urges immediate action.
Rockwell recommends upgrading to the corrected version 6.50 or later. If upgrading is not possible, the advisory instructs customers to apply security best practices to limit exposure, including restricting network access to trusted users and isolating FactoryTalk Linx from untrusted networks.
The company provides additional guidance and resources through its Security Best Practices documentation.