CVE-2025-9068 – Rockwell Automation FactoryTalk® Linx Privilege Escalation Vulnerabilities

CVE ID : CVE-2025-9068

Published : Oct. 14, 2025, 12:23 p.m. | 16 minutes ago

Description : A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and system resources.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…