CNNVD-202510-2009 Information

Oct 14, 2025 cve

CNNVD ID

CNNVD-202510-2009

CVE-2025-9067

CNNVD Published: 2025-10-14

Description (Chinese)

Rockwell Automation FactoryTalk Linx是美国罗克韦尔（Rockwell Automation）公司的一套工业通信解决方案。该产品主要用于小型应用程序与大型自动化系统等通信。 Rockwell Automation FactoryTalk Linx存在安全漏洞，该漏洞源于攻击者可利用有效Windows凭据发起修复并劫持控制台窗口，可能导致以SYSTEM权限运行命令提示符并获得完全系统访问权限。

Description (English)

Rockwell ActionTalk Linx is an industrial communications solution for Rockwell Automation in the United States. The product is used mainly for small applications and communications such as large automated systems. Lockwell Automation ActoryTalk Linx has a security loophole, which stems from the fact that the attackers can use valid Windows evidence to initiate repair and hijacking of the Console window, which could lead to the operation of command tips with SYSTEM privileges and full system access.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

罗克韦尔

Published

2025-10-14

Last Modified

2026-02-24

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1754.html

Patch

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1754.html

Share on: