Critical Vulnerability Information Vulnerability Overview Vulnerability Name: FactoryTalk Linx Network Browser Security Bypass Vulnerability Severity: Critical CVE ID: CVE-2025-7972 Announcement ID: SD1735 Release Date: August 14, 2025 Last Updated: August 14, 2025 Revision: 1.0 Known Exploited Vulnerabilities (KEV): No Fixed: Yes Workarounds: No Affected Products and Solutions Vulnerability Details CVSS 3.1 Base Score: 9.0 CVSS 3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H CVSS 4.0 Base Score: 8.4 CVSS 4.0 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H CWE: CWE-286: Incorrect User Management Known Exploited Vulnerabilities (KEV) Database: No Vulnerability Impact By modifying to , attackers can disable FTSP token validation. This bypass allows unauthorized access to create, update, and delete FTLinx drivers. Mitigation and Workarounds Users should upgrade to the fixed version as soon as possible. If upgrading is not feasible, affected users should implement security best practices.