CVE-2025-9364— Rockwell Automation FactoryTalk® Analytics™ LogixAI® Exposed Redis DB
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-9364
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rockwell Automation FactoryTalk® Analytics™ LogixAI® Exposed Redis DB
Source: NVD (National Vulnerability Database)
Vulnerability Description
An open database issue exists in the affected product and version. The security issue stems from an over permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and potential alteration of data.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
将系统数据暴露到未授权控制的范围
Source: NVD (National Vulnerability Database)
Vulnerability Title
Rockwell Automation FactoryTalk Analytics LogixAI 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Rockwell Automation FactoryTalk Analytics LogixAI是美国罗克韦尔(Rockwell Automation)公司的一个嵌入式 AI 分析模块。 Rockwell Automation FactoryTalk Analytics LogixAI存在安全漏洞,该漏洞源于Redis实例权限过大,可能导致数据泄露或篡改。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Rockwell Automation | FactoryTalk® Analytics™ LogixAI® | Versions 3.00 and 3.01 | - |
II. Public POCs for CVE-2025-9364
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-9364
请登录查看更多情报信息。
Same Patch Batch · Rockwell Automation · 2025-09-09 · 9 CVEs total
| CVE-2025-8007 | Rockwell Automation 1756-ENT2R, EN4TR, EN4TRXT Vulnerability | |
| CVE-2025-8008 | Rockwell Automation 1756-ENT2R, EN4TR, EN4TRXT Vulnerability | |
| CVE-2025-9160 | Rockwell Automation CompactLogix® 5480 Code Execution Vulnerability | |
| CVE-2025-9166 | Rockwell Automation ControlLogix® 5580 V35.013 Denial-Of-Service | |
| CVE-2025-7970 | Rockwell Automation FactoryTalk Activation Manager Lack of Encryption Vulnerability | |
| CVE-2025-7350 | Rockwell Automation Stratix® IOS Cross-Site Request Forgery to Code Execution Vulnerabilit | |
| CVE-2025-9065 | Rockwell Automation ThinManager® Server-Side Request Forgery Vulnerability | |
| CVE-2025-9161 | Rockwell Automation FactoryTalk Optix Remote Code Execution Vulnerability |
IV. Related Vulnerabilities
Same vendor: Rockwell Automation
- CVE-2025-9283
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities - CVE-2025-9282
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities - CVE-2025-9281
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities - CVE-2025-9280
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities - CVE-2025-14027
Rockwell Automation Recommends Upgrading From 1756-RM2 XT To
Same weakness: CWE-497
- CVE-2026-7864
Exposure of Sensitive Information to an Unauthorized Actor - CVE-2026-41928
Vvveb < 1.0.8.2 Information Disclosure via Cron Controller - CVE-2026-25468
WordPress Happy Addons for Elementor plugin <= 3.20.8 - Sens - CVE-2026-42644
WordPress BetterDocs plugin <= 4.3.10 - Sensitive Data Expos - CVE-2026-24222
NVIDIA NeMoClaw 安全漏洞
V. Comments for CVE-2025-9364
No comments yet