CNNVD-202508-1661 Information

Aug 14, 2025 cve

CNNVD ID

CNNVD-202508-1661

CVE-2025-7972

CNNVD Published: 2025-08-14

Description (Chinese)

Rockwell Automation FactoryTalk Linx是美国罗克韦尔（Rockwell Automation）公司的一套工业通信解决方案。该产品主要用于小型应用程序与大型自动化系统等通信。 Rockwell Automation FactoryTalk Linx存在安全漏洞，该漏洞源于修改process.env.NODE_ENV可禁用FTSP令牌验证，允许创建更新删除驱动程序。

Description (English)

Rockwell ActionTalk Linx is an industrial communications solution for Rockwell Automation in the United States. The product is used mainly for small applications and communications such as large automated systems. Lockwell Automation ActoryTalk Linx has a security loophole, which stems from the modification of the protocol.env.NODE ENV to disable the authentication of the FTSP token and allow the creation of an updated deletion driver.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

罗克韦尔

Published

2025-08-14

Last Modified

2026-02-24

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1735.html https://nvd.nist.gov/vuln/detail/CVE-2025-7972

Patch

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1735.html

Share on: