CVE-2025-9064: 
Rockwell Automation FactoryTalk View Machine Edition vulnerability analysis and mitigation

A path traversal security vulnerability (CVE-2025-9064) was discovered in FactoryTalk View Machine Edition, affecting versions prior to V15.00. The vulnerability was identified during internal testing by Rockwell Automation and publicly disclosed on October 14, 2025. This security issue affects FactoryTalk View Machine Edition, a machine-level HMI software used for industrial automation that enables design, monitoring, and control of operator interfaces (Rockwell Advisory).

The vulnerability is classified as a path traversal issue (CWE-22: Improper Limitation of a Pathname to a Restricted Directory). It received a CVSS v3.1 base score of 7.5 (High) and a CVSS v4.0 base score of 8.7 (High). The technical nature of the vulnerability allows unauthenticated attackers on the same network as the device to delete any file within the panel's operating system, though exploitation requires knowledge of the specific filenames to be deleted (CISA Advisory, Rockwell Advisory).

The successful exploitation of this vulnerability could allow attackers to delete arbitrary files within the panel's operating system, potentially leading to system corruption or data loss. The attack can be executed by any unauthenticated attacker who has network access to the affected device, making it particularly concerning for industrial environments (Security Online).

Rockwell Automation has released several remediation options for affected systems. Users can upgrade to FactoryTalk View ME V15.00 or later on ASEM 6300 IPCs, apply Patch BF31001, or install the PanelView Plus 7 Performance Series B V14.103 firmware package. For users unable to upgrade, Rockwell Automation recommends following their security best practices, including network segmentation and access restrictions (Rockwell Advisory).