CVE-2025-0477

Critical

Published: 30 January 2025

Published

30 January 2025

Modified

04 November 2025

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0143 80.7th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a threat actor to extract passwords belonging to other users of the application.

Security Summary

CVE-2025-0477 is an encryption vulnerability (CWE-522) present in all versions of Rockwell Automation FactoryTalk AssetCentre prior to V15.00.001. The issue arises from a weak encryption methodology that enables threat actors to extract passwords belonging to other users of the application. Published on 2025-01-30, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), classifying it as critical due to its severe impacts.

The vulnerability can be exploited remotely by any unauthenticated attacker with network access, requiring low complexity and no user interaction or privileges. Successful exploitation allows the attacker to extract other users' passwords, potentially enabling unauthorized access to the application, manipulation of industrial assets, and broader compromise within FactoryTalk AssetCentre environments.

Rockwell Automation details mitigation in security advisory SD1721 at https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html, which recommends upgrading to version V15.00.001 or later to address the weak encryption.

Details

CWE(s): CWE-522

Affected Products

rockwellautomation

factorytalk assetcentre

≤ 15.00.01

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html
Vendor Advisory · PSIRT@rockwellautomation.com