OTPulse

Rockwell FactoryTalk® Policy Manager Third-Party Vulnerability

Monitor · CVSS 7.5 · SD1762 · Nov 11, 2025
Summary

FactoryTalk Policy Manager contains a high-severity third-party vulnerability (CVSS 7.5) that could allow remote compromise. No patch is currently available from Rockwell Automation. The vulnerability affects all versions of the product.

What this means
What could happen
A third-party vulnerability in FactoryTalk Policy Manager could allow an attacker to gain unauthorized access to the system and potentially compromise the integrity of production policies and configurations that control industrial processes.
Who's at risk
Manufacturing facilities and process industries using Rockwell Automation's FactoryTalk Policy Manager for production control and configuration management, particularly those relying on it to enforce security policies across industrial systems.
How it could be exploited
An attacker with network access to FactoryTalk Policy Manager could exploit the third-party vulnerability to bypass authentication or execute unauthorized commands. The attack requires the affected application to be reachable from the attacker's network position.
Prerequisites
  • Network access to FactoryTalk Policy Manager
  • The application must be running and accessible
Tags: remotely exploitable · no patch available · high CVSS score (7.5)
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product                    | Affected Versions | Fix Status
FactoryTalk Policy Manager | All versions      | No fix (EOL)
Remediation & Mitigation
Do now
  • WORKAROUND: Restrict network access to FactoryTalk Policy Manager to only those users and systems that require it for engineering and administration activities
  • WORKAROUND: Disable or uninstall the affected third-party component if it is not essential to operations
Mitigations - no patch available
FactoryTalk Policy Manager has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
  • HARDENING: Isolate FactoryTalk Policy Manager on a separate network segment or apply strict firewall rules to limit access to authorized engineering workstations only
  • HARDENING: Monitor access logs and authentication attempts to FactoryTalk Policy Manager for suspicious activity