CVE-2025-7970 | THREATINT

Description

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise.

PUBLISHED Reserved 2025-07-21 | Published 2025-09-09 | Updated 2025-09-09 | Assigner Rockwell

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-306: Missing Authentication for Critical Function

Product status

Default status

unaffected

5.00

affected

References

www.rockwellautomation.com/...dvisories/advisory.SD1741.html

cve.org (CVE-2025-7970)

nvd.nist.gov (CVE-2025-7970)

Download JSON