Overview
View CSAF Summary Successful exploitation of this vulnerability could result in an attacker executing privileged operations. The following versions of Rockwell Automation FactoryTalk Analytics PavilionX are affected: FactoryTalk Analytics PavilionX <7.01 (CVE-2025-14272) CVSS Vendor Equipment Vulnerabilities v3 7 Rockwell Automation Rockwell Automation FactoryTalk Analytics PavilionX Missing Autho
CVE Identifier
CVE-2025-14272 — check NVD and MITRE.
Impact
Security teams should assess whether affected products or services are present in their environment and review vendor-published advisories for patches or mitigations.
Recommended Actions
- Check whether the affected product, version, or configuration exists in your environment.
- Apply vendor patches or mitigations as soon as they are available.
- Search SIEM and EDR telemetry for indicators associated with exploitation of this vulnerability.
- Review the original advisory from CISA ICS Advisories for full technical details.
- Update vulnerability tracking records and risk registers accordingly.