Security Advisory

CVE-2025-7973

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-14 13:52:53

Last updated 2025-08-14 15:05:00

Assigner Rockwell

State PUBLISHED

Description

A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. During a repair, attackers can hijack the cscript.exe console window, which runs with SYSTEM privileges. This can be exploited to spawn an elevated command prompt, enabling full privilege escalation.

← Browse all CVEs View on cve.org ↗