VYPR
Critical severity · NVD Advisory · Published Jun 16, 2026 · Updated Jun 16, 2026

CVE-2025-13036

Description

An authentication bypass race condition in FactoryTalk Historian SE v11 allows an unauthenticated attacker to repeatedly request the login endpoint and obtain a valid authentication token, leading to unauthorized system access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

A race condition (CWE-362) exists in the login endpoint of FactoryTalk® Historian Site Edition (SE) version 11. By continuously sending authentication requests, an attacker can exploit improper synchronization to obtain a valid authentication token. The vulnerability is present in all deployments of v11. The issue is fixed in version 12.00.00 [1].

Exploitation

An unauthenticated attacker with network access to the login endpoint can exploit this vulnerability by sending a high volume of login requests in a short time window. The race condition allows the attacker to intercept or generate a valid token, bypassing normal authentication. No prior authentication or user interaction is required [1].

Impact

Successful exploitation grants the attacker a valid authentication token, effectively bypassing the authentication mechanism. This allows unauthorized access to the FactoryTalk Historian SE system, potentially leading to disclosure or modification of sensitive time-series process data, and further compromise of the industrial automation environment [1].

Mitigation

Rockwell Automation has released FactoryTalk Historian SE version 12.00.00 to remediate this vulnerability. Users should upgrade immediately. As of the advisory publication, this vulnerability is not listed in the Known Exploited Vulnerabilities (KEV) catalog. No workaround is provided [1].
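Because no workaround is provided, the pattern the advisory describes (a high volume of login-endpoint requests in a short window, ending in a token being issued) is worth alerting on until the upgrade lands. The following is an added example, not code from the advisory or from Rockwell Automation: a sliding-window burst detector run over constructed login log lines. The log format, the `/login` path and the `DENIED`/`TOKEN_ISSUED` outcomes are assumptions for illustration; adapt the parser to the real FactoryTalk Historian SE logs.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: a burst from 10.0.0.5 (30 login requests in ~1.5 s,
# the last one yielding a token) plus ordinary sparse traffic from 10.0.0.7.
# Format "<iso-timestamp> <src> <method> <path> <outcome>" is an assumption.
def _constructed_log():
    t0 = datetime(2026, 6, 16, 10, 0, 0)
    lines = []
    for i in range(30):
        ts = t0 + timedelta(milliseconds=50 * i)
        outcome = "TOKEN_ISSUED" if i == 29 else "DENIED"
        lines.append(f"{ts.isoformat(timespec='milliseconds')} 10.0.0.5 POST /login {outcome}")
    for i in range(3):
        ts = t0 + timedelta(seconds=30 * i)
        lines.append(f"{ts.isoformat(timespec='milliseconds')} 10.0.0.7 POST /login DENIED")
    return sorted(lines)

SAMPLE_LOG = _constructed_log()

def parse(line):
    """Split one constructed log line into (timestamp, source, path, outcome)."""
    ts, src, _method, path, outcome = line.split()
    return datetime.fromisoformat(ts), src, path, outcome

def detect_login_bursts(lines, window=timedelta(seconds=2), threshold=20, path="/login"):
    """Flag sources that hit the login endpoint `threshold` or more times inside `window`.

    Returns {src: {"count": peak requests in one window,
                   "token_in_burst": True if a token was issued inside the burst}}
    for flagged sources only. A token issued mid-burst is the stronger signal,
    since it matches the race-condition bypass rather than plain brute forcing.
    """
    recent = defaultdict(deque)   # per-source queue of (timestamp, outcome)
    alerts = {}
    for line in sorted(lines):    # timestamps are fixed-width ISO, so sort is chronological
        ts, src, p, outcome = parse(line)
        if p != path:
            continue
        q = recent[src]
        q.append((ts, outcome))
        while q and ts - q[0][0] > window:   # drop entries older than the window
            q.popleft()
        if len(q) >= threshold:
            a = alerts.setdefault(src, {"count": 0, "token_in_burst": False})
            a["count"] = max(a["count"], len(q))
            a["token_in_burst"] |= any(o == "TOKEN_ISSUED" for _, o in q)
    return alerts
```

Running `detect_login_bursts(SAMPLE_LOG)` flags only 10.0.0.5, with the token issuance recorded inside the burst; tune `window` and `threshold` to the login cadence of legitimate clients in your environment.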

AI Insight generated on Jun 16, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products (1)

Patches (0)

No patches discovered yet.

Vulnerability mechanics

No source-code context is available for this CVE: mechanics are only generated when the actual fix diff can be read. Without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References (1)

News mentions (0)

No linked articles in our index yet.