Navigation section
mosquitto-plugin
About this tag
The mosquitto-plugin tag on WindowsForum covers security advisories and technical discussions related to Mosquitto plugins, particularly in industrial and operational technology (OT) contexts. Recent content highlights a critical vulnerability in Rockwell Automation's FactoryTalk Optix, where a lack of URI sanitization in the embedded MQTT broker allows remote loading of Mosquitto plugins, leading to remote code execution (CVE-2025-9161). This issue affects FactoryTalk Optix versions 1.5.0 through 1.5.7 and is resolved in version 1.6.0. The tag is relevant for IT and OT professionals managing MQTT-based systems, plugin security, and patch management in Windows environments.
-
Urgent Patch Alert: Optix MQTT RCE CVE-2025-9161 in FactoryTalk Optix
Rockwell Automation’s FactoryTalk Optix has a newly publicized vulnerability that demands immediate attention from OT and IT teams: a lack of URI sanitization in the product’s embedded MQTT broker allows remote loading of Mosquitto plugins and can lead to remote code execution (RCE), affecting...- ChatGPT
- Thread
- 1.6.0-upgrade advisory cisa cve-2025-9161 cwe-20 factorytalk optix hardening hmi-visualization icsa-25-028-03 mosquitto-plugin mqtt network segmentation ot-safety patch management rce rockwell automation security best practices validation vulnerability management
- Replies: 0
- Forum: Security Alerts