Cyber Posture

CVE-2025-0498

Critical

Published: 30 January 2025
Modified: 04 November 2025
KEV Added: (no date listed)
Patch: (no value listed)
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0014 (34.4th percentile)
Risk Priority: 20 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Description

A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to insecure storage of FactoryTalk® Security user tokens, which could allow a threat actor to steal a token and impersonate another user.

Security Summary

CVE-2025-0498 is a data exposure vulnerability affecting all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The issue arises from insecure storage of FactoryTalk® Security user tokens (CWE-522), which could allow a threat actor to steal a token and impersonate another user. It has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-01-30.

The vulnerability can be exploited by any unauthenticated attacker with network access to the affected system, requiring low complexity and no user interaction. Successful exploitation enables token theft, allowing the attacker to impersonate legitimate users and achieve high impacts on confidentiality, integrity, and availability.

Mitigation details are provided in the Rockwell Automation security advisory at https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html.

Details

CWE(s)
CWE-522

Affected Products

rockwellautomation
factorytalk assetcentre
≤ 15.00.01

References