CVE-2025-9068

HIGH

Rockwell Automation Driver Package x64 MSI - Privilege Escalation

Title source: llm

Description

A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and system resources.

References (1)

[Vendor Advisory] https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1754.html

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 1.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-269

Status published

Products (1)

rockwellautomation/factorytalk_linx < 6.50

Published Oct 14, 2025

Tracked Since Feb 18, 2026