CVE-2025-7973 Information

Description

A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. During a repair attackers can hijack the cscript.exe console window which runs with SYSTEM privileges. This can be exploited to spawn an elevated command prompt enabling full privilege escalation.

Reference

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1738.html