Rockwellautomation Factorytalk_view
18 CVEs affecting Rockwellautomation Factorytalk_view. Latest disclosed: 2025-10-14. Critical: 6, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-9063 | Critical | 9.8 | 2025-10-14 | An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows… |
CVE-2024-45824 | Critical | 9.8 | 2024-09-12 | CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path Traversal, Command Inject… |
CVE-2024-4609 | Critical | 9.8 | 2024-05-16 | A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if… |
CVE-2023-2071 | Critical | 9.8 | 2023-09-12 | Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve… |
CVE-2025-9064 | Critical | 9.1 | 2025-10-14 | A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete… |
CVE-2020-12029 | Critical | 9.0 | 2020-07-20 | All versions of FactoryTalk View SE do not properly validate input of filenames within a project directory. A remote, unauthenticated attacker may be able to e… |
CVE-2024-7513 | High | 8.8 | 2024-08-14 | CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing… |
CVE-2024-37369 | High | 8.8 | 2024-06-14 | A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lis… |
CVE-2020-14481 | High | 7.8 | 2022-02-24 | The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credential… |
CVE-2024-37368 | High | 7.5 | 2024-06-14 | A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to… |
CVE-2024-37367 | High | 7.5 | 2024-06-14 | A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTVie… |
CVE-2023-46289 | High | 7.5 | 2023-10-27 | Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send malicious data brin… |
CVE-2020-12031 | High | 7.5 | 2020-07-20 | In all versions of FactoryTalk View SE, after bypassing memory corruption mechanisms found in the operating system, a local, authenticated attacker may corrupt… |
CVE-2024-37365 | High | 7.3 | 2024-11-12 | A remote code execution vulnerability exists in the affected product. The vulnerability allows users to save projects within the public directory allowing anyo… |
CVE-2020-12028 | High | 7.3 | 2020-07-20 | In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to interact with the data on the remote endpo… |
CVE-2020-14480 | Medium | 5.5 | 2022-02-24 | Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, i… |
CVE-2024-21914 | Medium | 5.3 | 2024-03-25 | A vulnerability exists in the affected product that allows a malicious user to restart the Rockwell Automation PanelView™ Plus 7 terminal remotely without sec… |
CVE-2020-12027 | Medium | 4.3 | 2020-07-20 | All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system. A remote, authenticated attacker may be able to… |