CVE-2025-7972

Published: Aug 14, 2025

Modified: Aug 14, 2025

PUBLISHED

Description

A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers.

Vendor	Product	Versions
Rockwell Automation	FactoryTalk® Linx	affected `All prior to 6.50`

Weaknesses (CWE)

CWE-286

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1735.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-7972

Description

Affected Products

Weaknesses (CWE)

References