CVE-2025-9036
Rockwell Automation FactoryTalk® Action Manager v1.0.0 Runtime Vulnerability
A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client listening on the connection.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Rockwell Automation · FactoryTalk® Action ManagerWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →