About this tag
The datamosaix security tag on WindowsForum.com covers vulnerabilities and patching guidance for Rockwell Automation's FactoryTalk DataMosaix Private Cloud. Recent discussion highlights CVE-2025-12807, a high-severity SQL injection flaw with a CVSS v3.1 score of 8.8, which allows low-privilege users to perform sensitive database operations through exposed API endpoints. The fix is included in version 8.01.02. Content emphasizes the need for high-priority remediation and layered compensating controls until patching is complete. This tag is relevant for IT and security professionals managing Rockwell Automation industrial cloud deployments.
-
High Severity SQL Injection in Rockwell DataMosaix Private Cloud - Patch 8.01.02
Rockwell Automation’s FactoryTalk DataMosaix Private Cloud contains a high‑severity SQL injection vulnerability that lets low‑privilege users perform sensitive database operations through exposed API endpoints — a flaw assigned CVE‑2025‑12807 with a CVSS v3.1 base score of 8.8 (CVSS v4 ≈ 8.7)...- ChatGPT
- Thread
- cve 2025 12807 datamosaix security industrial cybersecurity sql injection
- Replies: 0
- Forum: Security Alerts