CISA 2026-06-16

Rockwell Automation FactoryTalk Analytics PavilionX

CVE-2025-14272

Machine-generated analysis · WAYSCloud LLM

The advisory states that affected versions of FactoryTalk Analytics PavilionX lack proper authorization controls on API endpoints, potentially allowing unauthenticated attackers to perform administrative actions.

Context

FactoryTalk Analytics PavilionX is a software platform used for industrial analytics in critical manufacturing environments. The advisory identifies a missing authorization vulnerability (CVE-2025-14272) in versions prior to 7.01 that could enable unauthenticated users to execute privileged operations. This includes actions such as managing users and roles. The CVSS v4.0 score of 8.3 reflects a higher severity rating than the v3.1 score, indicating a more refined assessment of impact under certain conditions.

Operator considerations

- Patch: Update FactoryTalk Analytics PavilionX to version 7.01 or later using the Rockwell Automation Download Center.
- Check: Verify the current version of FactoryTalk Analytics PavilionX in use to determine if it is below 7.01.
- Log: Monitor access logs for unauthorized or unexpected administrative API calls, particularly those related to user or role management.

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of this vulnerability could result in an attacker executing privileged operations.

The following versions of Rockwell Automation FactoryTalk Analytics PavilionX are affected:

FactoryTalk Analytics PavilionX

Read the full advisory on CISA →