datamosaix security

About this tag
The datamosaix security tag on WindowsForum.com covers vulnerabilities and patching guidance for Rockwell Automation's FactoryTalk DataMosaix Private Cloud. Recent discussion highlights CVE-2025-12807, a high-severity SQL injection flaw with a CVSS v3.1 score of 8.8, which allows low-privilege users to perform sensitive database operations through exposed API endpoints. The fix is included in version 8.01.02. Content emphasizes the need for high-priority remediation and layered compensating controls until patching is complete. This tag is relevant for IT and security professionals managing Rockwell Automation industrial cloud deployments.
  1. High Severity SQL Injection in Rockwell DataMosaix Private Cloud - Patch 8.01.02

    Rockwell Automation’s FactoryTalk DataMosaix Private Cloud contains a high‑severity SQL injection vulnerability that lets low‑privilege users perform sensitive database operations through exposed API endpoints — a flaw assigned CVE‑2025‑12807 with a CVSS v3.1 base score of 8.8 (CVSS v4 ≈ 8.7)...