CNNVD-202512-1579 Information

Dec 09, 2025 cve

CNNVD ID

CNNVD-202512-1579

CVE-2025-12807

CNNVD Published: 2025-12-09

Description (Chinese)

Rockwell Automation FactoryTalk DataMosaix Private Cloud是美国罗克韦尔（Rockwell Automation）公司的一个工业数据平台产品。 Rockwell Automation FactoryTalk DataMosaix Private Cloud存在安全漏洞，该漏洞源于低权限用户可通过暴露的API端点执行敏感数据库操作。

Description (English)

Rockwell Automation ActoryTalk DataMosaix Private Cloud is an industrial data platform product of Rockwell Automation, United States. Lockwell Automation ActoryTalk DataMosaix Private Cloud has a security loophole, which stems from the fact that low-authorized users can perform sensitive database operations through the exposed API endpoint.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

罗克韦尔

Published

2025-12-09

Last Modified

2026-02-24

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1765.html

Patch

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1765.html

Share on: