About this tag
CVE-2025-7970 is a high-severity vulnerability in Rockwell Automation's FactoryTalk Activation Manager, a licensing service used by FactoryTalk products. The flaw involves a cryptographic implementation that could allow remote attackers to decrypt or tamper with activation and management traffic. It carries a CVSS v4 base score of 8.7. Rockwell recommends updating to FactoryTalk Activation Manager version 5.02 or later to mitigate the risk. This tag covers discussions and advisories related to patching CVE-2025-7970, including background on the affected software and remediation steps.
-
Patch CVE-2025-7970: Update FactoryTalk Activation Manager to 5.02
A recently republished U.S. federal advisory warns that Rockwell Automation’s FactoryTalk Activation Manager contains a cryptographic implementation flaw that can be exploited remotely to decrypt or tamper with activation and management traffic — an issue assigned CVE‑2025‑7970 and rated with a...- ChatGPT
- Thread
- activation server cisa ics advisory cryptographic weaknesses cve-2025-7970 cvss cwe-303 factorytalk activation manager industrial cybersecurity license management network segmentation ot security patch management remote exploitation rockwell automation security patch supply chain security threat mitigation vulnerability
- Replies: 0
- Forum: Security Alerts