cve-2025-9161
About this tag
CVE-2025-9161 is a high-severity vulnerability in Rockwell Automation's FactoryTalk Optix, affecting versions 1.5.0 through 1.5.7. The issue involves a lack of URI sanitization in the product's embedded MQTT broker, allowing remote loading of Mosquitto plugins and leading to remote code execution (RCE). Assigned a CVSS v4 base score of 7.3, this vulnerability demands immediate attention from OT and IT teams. Rockwell's fix is to upgrade to FactoryTalk Optix 1.6.0 or later. The advisory has been republished by U.S. cyber authorities and is included in operational advisory material for defenders.
Rockwell Automation’s FactoryTalk Optix has a newly publicized vulnerability that demands immediate attention from OT and IT teams: a lack of URI sanitization in the product’s embedded MQTT broker allows remote loading of Mosquitto plugins and can lead to remote code execution (RCE), affecting...