SQL Injection in Rockwell Automation Factorytalk® Datamosaix™ Private Cloud
CVE-2025-12807
A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints.
Vulnerability class: SQL Injection
EPSS: 0.004 (31.8th percentile) — read the EPSS interpretation.
Affected products
- Rockwell Automation Factorytalk® Datamosaix™ Private Cloud — versions 7.11, 8.00, 8.01