You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-14272
About this tag
CVE-2025-14272 is a missing authorization vulnerability in Rockwell Automation FactoryTalk Analytics PavilionX versions prior to 7.01. This flaw could allow an unauthenticated attacker to perform privileged administrative operations. Rockwell's advisory SD1777, republished by CISA, recommends updating to PavilionX 7.01 or later to remediate the issue. Discussions on WindowsForum highlight that while the patch is straightforward, organizations should also verify that their systems were not exposed in a way that made the vulnerability reachable. This tag covers the vulnerability details, affected versions, and remediation steps for CVE-2025-14272.
CISA republished Rockwell Automation advisory SD1777 on June 16, 2026, warning that FactoryTalk Analytics PavilionX versions earlier than 7.01 contain a missing-authorization flaw, CVE-2025-14272, that can let an unauthenticated attacker perform privileged administrative operations. The advisory...