CVE-2025-9067
HIGH WAF: Low
CVSS 7.8
Published: 2025-10-14
CWE-269
A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx. Authenticated attackers with valid Windows user credentials can initiate a repair and hijack the resulting console window. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and system resources.
WAF Coverage Analysis
Improper Privilege Management
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| rockwellautomation | factorytalk_linx | up to 6.50 |
References
- www.rockwellautomation.com (Vendor Advisory)