VDB
CVE-2025-9066
CVE-2025-9066
PUBLISHED
CVSS 8.699999809265137 HIGH
A security issue was discovered within FactoryTalk® ViewPoint, allowing unauthenticated attackers to achieve XXE. Certain SOAP requests can be abused to perform XXE, resulting in a temporary denial-of-service.
EPSS 0.27% · 50.4th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.27%
50.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwell Automation | FactoryTalk ViewPoint | V14 and prior |
Timeline
- Oct 14, 2025 CVE Published
- Oct 14, 2025 CVE Updated
- Oct 15, 2025 EPSS Score
- Oct 16, 2025 PoC Published
- Oct 21, 2025 EPSS Score
- Oct 27, 2025 EPSS Score
- Nov 2, 2025 EPSS Score
- Nov 8, 2025 EPSS Score
- Nov 15, 2025 EPSS Score
- Nov 21, 2025 EPSS Score
- Nov 27, 2025 EPSS Score
- Dec 3, 2025 EPSS Score