CVE-2025-24481

Summary

An Incorrect Permission Assignment Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect permissions being assigned to the remote debugger port and can allow for unauthenticated access to the system configuration.

Affected Software

VendorProductVersion RangeStatus
Rockwell AutomationFactoryTalk® View Site Edition<V15affected

Weaknesses

  • CWE-732: CWE-732 Incorrect Permission Assignment for Critical Resource

Workarounds

Protect physical access to the workstation & restrict access to port 8091 at the network or workstation.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References