SQL Injection in Rockwell Automation Factorytalk® Datamosaix™ Private Cloud

CVE-2025-12807

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints.

Vulnerability class: SQL Injection

EPSS: 0.004 (31.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References