Rockwell Automation FactoryTalk Analytics PavilionX

Monitor | CVSS 7 | ICS-CERT ICSA-26-167-01 | Jun 16, 2026
Rockwell Automation
Attack path
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

FactoryTalk Analytics PavilionX contains an authorization bypass vulnerability (CWE-862) that allows an attacker to execute privileged operations without proper access controls. Affected versions are prior to 7.01.

What this means
What could happen
An attacker could execute privileged commands on the FactoryTalk Analytics system, potentially modifying production analytics, alarm configurations, or system settings that control how operations are monitored and optimized.
Who's at risk
Manufacturing plants and facilities using Rockwell Automation's FactoryTalk Analytics PavilionX for production monitoring and analytics. This includes food and beverage processors, automotive suppliers, chemical manufacturers, and other discrete or process manufacturers that rely on FactoryTalk for operational visibility.
How it could be exploited
An attacker on the network can send a crafted request to the FactoryTalk Analytics PavilionX application without authentication, exploiting an authorization bypass to perform privileged operations reserved for administrators.
Prerequisites
  • Network access to the FactoryTalk Analytics PavilionX application
  • FactoryTalk Analytics PavilionX version prior to 7.01 deployed
Tags: remotely exploitable, low complexity, no authentication required, affects monitoring and control systems
Exploitability
Unlikely to be exploited — EPSS score 0.2%
Affected products (1)
Product | Affected Versions | Fix Status
FactoryTalk Analytics PavilionX | <7.01 | Fix available
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update FactoryTalk Analytics PavilionX to version 7.01 or later
