Rockwellautomation Factorytalk_linx
14 CVEs affecting Rockwellautomation Factorytalk_linx. Latest disclosed: 2025-10-14. Critical: 3, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-27251 | Critical | 9.8 | 2020-11-26 | A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send… |
CVE-2020-12001 | Critical | 9.8 | 2020-06-15 | FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 1… |
CVE-2025-7972 | Critical | 9.1 | 2025-08-14 | A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP toke… |
CVE-2023-29464 | High | 8.2 | 2023-10-13 | FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Se… |
CVE-2020-11999 | High | 8.1 | 2020-06-15 | FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 1… |
CVE-2025-9068 | High | 7.8 | 2025-10-14 | A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. Authentic… |
CVE-2025-9067 | High | 7.8 | 2025-10-14 | A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx. Authenticated attackers with valid Windows user credentials can i… |
CVE-2020-5802 | High | 7.5 | 2020-12-29 | An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TC… |
CVE-2020-5801 | High | 7.5 | 2020-12-29 | An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that triggers an unhandled exception in CFTLDManager::HandleRequest… |
CVE-2020-27255 | High | 7.5 | 2020-11-26 | A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send… |
CVE-2020-27253 | High | 7.5 | 2020-11-26 | A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacke… |
CVE-2020-12005 | High | 7.5 | 2020-06-15 | FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 1… |
CVE-2020-12003 | High | 7.5 | 2020-06-15 | FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 1… |
CVE-2020-5806 | Medium | 5.5 | 2020-12-29 | An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll… |