Rockwellautomation Factorytalk View — known CVE vulnerabilities
Every CVE whose affected-product data names Rockwellautomation Factorytalk View, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2024-45824 — CVSS 9.8 (critical): CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path…
CVE-2024-4609 — CVSS 9.8 (critical): A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a…
CVE-2023-2071 — CVSS 9.8 (critical): Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows…
CVE-2025-9063 — CVSS 9.8 (critical): An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this…
CVE-2025-9064 — CVSS 9.1 (critical): A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as…
CVE-2020-12029 — CVSS 9.0 (critical): All versions of FactoryTalk View SE do not properly validate input of filenames within a project directory. A remote, unauthenticated…
CVE-2024-37369 — CVSS 8.8 (high): A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts…
CVE-2024-7513 — CVSS 8.8 (high): CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file…
CVE-2020-14481 — CVSS 7.8 (high): The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to…
CVE-2024-37368 — CVSS 7.5 (high): A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote…
CVE-2020-12031 — CVSS 7.5 (high): In all versions of FactoryTalk View SE, after bypassing memory corruption mechanisms found in the operating system, a local, authenticated…
CVE-2024-37367 — CVSS 7.5 (high): A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a…
CVE-2023-46289 — CVSS 7.5 (high): Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send…
CVE-2024-37365 — CVSS 7.3 (high): A remote code execution vulnerability exists in the affected product. The vulnerability allows users to save projects within the public…
CVE-2020-12028 — CVSS 7.3 (high): In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to interact with the data…
CVE-2020-14480 — CVSS 5.5 (medium): Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to…
CVE-2024-21914 — CVSS 5.3 (medium): A vulnerability exists in the affected product that allows a malicious user to restart the Rockwell Automation PanelView™ Plus 7 terminal…
CVE-2020-12027 — CVSS 4.3 (medium): All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system. A remote, authenticated…