CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-9068

A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and system resources.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.9%

CVSS Severity

CVSS v3 Score 6.7

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1754.html

Products affected by CVE-2025-9068

Rockwellautomation » Factorytalk Linx » Version: 6.00

cpe:2.3:a:rockwellautomation:factorytalk_linx:6.00
Rockwellautomation » Factorytalk Linx » Version: 6.10

cpe:2.3:a:rockwellautomation:factorytalk_linx:6.10
Rockwellautomation » Factorytalk Linx » Version: 6.11

cpe:2.3:a:rockwellautomation:factorytalk_linx:6.11
Rockwellautomation » Factorytalk Linx » Version: 6.20

cpe:2.3:a:rockwellautomation:factorytalk_linx:6.20
Rockwellautomation » Factorytalk Linx » Version: 6.21

cpe:2.3:a:rockwellautomation:factorytalk_linx:6.21
Rockwellautomation » Factorytalk Linx » Version: 6.30

cpe:2.3:a:rockwellautomation:factorytalk_linx:6.30
Rockwellautomation » Factorytalk Linx » Version: 6.31

cpe:2.3:a:rockwellautomation:factorytalk_linx:6.31
Rockwellautomation » Factorytalk Linx » Version: 6.40

cpe:2.3:a:rockwellautomation:factorytalk_linx:6.40

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-9068

Products

Pricing

Contact Us