PT-2025-33292 · Rockwell Automation · Factorytalk Linx Network Browser
Published
2025-08-14
·
Updated
2025-10-29
·
CVE-2025-7972
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
FactoryTalk Linx Network Browser (affected versions not specified)
Description:
A security issue exists within the FactoryTalk Linx Network Browser. Modifying the
process.env.NODE ENV environment variable to ‘development’ disables FTSP token validation. This bypass allows an attacker to create, update, and delete FTLinx drivers.Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Factorytalk Linx Network Browser