CVE-2025-7970

Published Sep 9, 2025

Last updated 7 months ago

CVSS high 8.7
Scada

Overview

Description
A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise.
Source
PSIRT@rockwellautomation.com
NVD status
Analyzed
Products
factorytalk_activation_manager

Risk scores

CVSS 4.0

Type
Secondary
Base score
8.7
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

CVSS 3.1

Type
Primary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

PSIRT@rockwellautomation.com
CWE-306

Social media

Hype score
Not currently trending

  1. CVE-2025-7970 Cryptographic Vulnerability in FactoryTalk Activation Manager Enabling Traffic Decryption https://t.co/8hpX0zmj3J

    @VulmonFeeds

    9 Sept 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. [CVE-2025-7970: HIGH] FactoryTalk Activation Manager has a security flaw in cryptography implementation, enabling attackers to decrypt traffic. Data exposure and communication compromise may occur.#cve,CVE-2025-7970,#cybersecurity https://t.co/HVo9FzRPFQ https://t.co/2FijVwMJPD

    @CveFindCom

    9 Sept 2025

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-7970 A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traf… https://t.co/os3GO56wQQ

    @CVEnew

    9 Sept 2025

    234 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in its MMadmServ web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.CVE-2026-22553
  2. InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.CVE-2026-21410
  3. FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. From 1.2.8 through 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to execute arbitrary code on the server when the Node-RED plugin is enabled. This has been patched in FUXA version 1.2.11.CVE-2026-25938
  4. FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. From 1.2.8 through version 1.2.10, an authorization bypass vulnerability in the FUXA allows an unauthenticated, remote attacker to create and modify arbitrary schedulers, exposing connected ICS/SCADA environments to follow-on actions. This has been patched in FUXA version 1.2.11.CVE-2026-25939
  5. FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is enabled, but the administrator JWT secret is not configured. This issue has been patched in FUXA version 1.2.10.CVE-2026-25894

References

Sources include official advisories and independent security research.