CVE-2025-9364 HIGH

CVE-2025-9364: Rockwell Automation FactoryTalk® Analytics™ LogixAI® Exposed Redis DB

Vendor Rockwell Automation
Product FactoryTalk® Analytics™ LogixAI®
Weakness CWE-497
Published September 9, 2025
Last update September 9, 2025

CVSS base score

8.7/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

An open database issue exists in the affected product and version. The security issue stems from an over permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and potential alteration of data.

Key dates

02Disclosure timeline

September 9, 2025 CVE published
September 9, 2025 Record updated