Sign-up

ID

VAR-202510-2627


CVE

CVE-2025-9068


DESCRIPTION

A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and system resources.

Trust: 1.0

sources: NVD: CVE-2025-9068

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:factorytalk linxscope:ltversion:6.50

Trust: 1.0

sources: NVD: CVE-2025-9068

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2025-9068
value: HIGH

Trust: 1.0

PSIRT@rockwellautomation.com: CVE-2025-9068
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2025-9068
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2025-9068 // NVD: CVE-2025-9068

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-269

Trust: 1.0

sources: NVD: CVE-2025-9068

EXTERNAL IDS

db:NVDid:CVE-2025-9068

Trust: 1.0

sources: NVD: CVE-2025-9068

REFERENCES

url:https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.sd1754.html

Trust: 1.0

sources: NVD: CVE-2025-9068

SOURCES

db:NVDid:CVE-2025-9068

LAST UPDATE DATE

2025-11-19T23:22:56.323000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2025-9068date:2025-10-24T17:27:13.030

SOURCES RELEASE DATE

db:NVDid:CVE-2025-9068date:2025-10-14T13:15:40.093