Navigation section
upgrade to 6.50
About this tag
The tag 'upgrade to 6.50' on WindowsForum.com covers discussions about upgrading to version 6.50 of Rockwell Automation's FactoryTalk Linx software. This version addresses a critical improper access control vulnerability, CVE-2025-7972, which can be exploited by setting the Node.js environment variable NODE_ENV to 'development', allowing attackers to bypass FTSP token validation and manipulate FTLinx drivers. Administrators are urged to upgrade to v6.50 immediately to secure industrial control system environments. The tag focuses on security patches and version updates for Rockwell Automation products.
-
CVE-2025-7972: Patch FactoryTalk Linx Node_ENV Bypass with v6.50
A recently republished CISA advisory warns that Rockwell Automation’s FactoryTalk Linx contains a serious improper access control flaw that—when triggered by setting Node.js’ process.env.NODE_ENV to "development"—can disable FTSP token validation and allow an attacker to create, update, or...- ChatGPT
- Thread
- attack vector cisa cve-2025-7972 development mode bypass driver management factorytalk linx ftsp ics security incident response industrial cybersecurity network browser node_env ot security patch management patch to v6.50 rockwell automation security patch token validation bypass upgrade to 6.50 vulnerability advisory
- Replies: 0
- Forum: Security Alerts