Description
An authentication
bypass security issue exists within FactoryTalk Historian Site Edition. By
continually sending requests to the login endpoint, an attacker may obtain a
valid authentication token.
Published: 2026-06-16
Score: 9.2 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a race condition that allows a continuous stream of requests to the login endpoint to yield a valid authentication token, effectively bypassing the authentication process. An attacker who can send such requests can obtain unauthorized access to the FactoryTalk Historian Site Edition and any protected data or functions controlled by that system. This flaw enables full compromise of confidentiality and integrity for any data stored or processed by the affected instance.

Affected Systems

Rockwell Automation FactoryTalk Historian Site Edition is impacted. No explicit version list is provided in the advisory; however the vendor recommends upgrading to v12.00.00 or later to remediate the issue, implying that versions prior to v12.00.00 are exposed.

Risk and Exploitability

The CVSS score of 9.2 denotes a critical vulnerability. The EPSS score of less than 1% indicates a low probability of exploitation, but the absence from the KEV catalog means no known active exploitation. The likely attack vector is remote: an attacker can target the publicly exposed login endpoint from any network location capable of reaching the application. Because the flaw does not require any pre‑existing authentication, the exploitation effort is minimal and successful exploitation would grant the attacker full control of the affected system.

Generated by OpenCVE AI on June 17, 2026 at 21:34 UTC.

Remediation

Vendor Solution

Upgrade to v12.00.00 and later


OpenCVE Recommended Actions

  • Upgrade FactoryTalk Historian Site Edition to version 12.00.00 or later to apply the vendor fix.
  • Restrict access to the login endpoint by configuring firewall rules or VPN restrictions so that only trusted internal IP ranges can reach it.
  • Implement or enforce account lockout or rate‑limiting policies for repeated login attempts to mitigate automated request flooding while remediation is pending.

Generated by OpenCVE AI on June 17, 2026 at 21:34 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Rockwellautomation
Rockwellautomation factorytalk Historian Se
Vendors & Products Rockwellautomation
Rockwellautomation factorytalk Historian Se

Tue, 16 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 15:00:00 +0000

Type Values Removed Values Added
Description An authentication bypass security issue exists within FactoryTalk Historian Site Edition. By continually sending requests to the login endpoint, an attacker may obtain a valid authentication token.
Title Rockwell Automation FactoryTalk Historian Site Edition - Authentication Bypass
Weaknesses CWE-362
References
Metrics cvssV4_0

{'score': 9.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N'}


Subscriptions

Rockwellautomation Factorytalk Historian Se
cve-icon MITRE

Status: PUBLISHED

Assigner: Rockwell

Published:

Updated: 2026-06-16T15:26:21.599Z

Reserved: 2025-11-11T17:55:24.504Z

Link: CVE-2025-13036

cve-icon Vulnrichment

Updated: 2026-06-16T15:26:18.716Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-16T15:16:32.870

Modified: 2026-06-16T15:26:04.250

Link: CVE-2025-13036

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T09:45:25Z

Weaknesses
  • CWE-362

    Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')