Three vulnerabilities affect Rockwell Automation FactoryTalk Historian SE version 11.00 and earlier, including CVE-2025-13036, an authentication bypass rated CVSS 9.2 that is exploitable over the network with no credentials required, enabling unauthorized read and write access to historian process data. The disclosure is via CISA ICS Advisory ICSA-26-169-03; no active exploitation is confirmed, but the network-accessible unauthenticated attack vector elevates urgency for any site without compensating network segmentation.