Unrated severityNVD Advisory· Published Oct 14, 2025· Updated Oct 14, 2025

Rockwell Automation FactoryTalk® Linx Privilege Escalation Vulnerabilities

CVE-2025-9068

Description

A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and system resources.

Affected products

Rockwellautomation/FTLinxllm-create
Rockwell Automation/FactoryTalk Linxv5
Range: 6.40 and prior

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1754.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000