Rockwell Automation DataMosaix Private Cloud

Plan Patch | CVSS 9.8 | ICS-CERT ICSA-25-028-05 | Jan 28, 2025
Rockwell Automation
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Rockwell Automation DataEdgePlatform DataMosaix Private Cloud versions 7.09 and 7.11 contain vulnerabilities related to information disclosure and improper resource validation (CWE-200, CWE-1395) that could allow overwriting of reports and user projects. The vulnerabilities have a CVSS score of 9.8 and require no authentication or user interaction to exploit remotely.

What this means
What could happen
An attacker with network access could overwrite or corrupt reports and user projects in the DataMosaix Private Cloud system, potentially disrupting configuration management, data integrity, and operational visibility for water or energy facilities relying on this platform for automation control and monitoring.
Who's at risk
This vulnerability affects water utilities, electric utilities, and other critical infrastructure operators running Rockwell Automation DataEdgePlatform DataMosaix Private Cloud for industrial automation control, data aggregation, and project management. Any facility using versions 7.09 or 7.11 of this platform should prioritize updating.
How it could be exploited
An attacker with network access to the DataMosaix Private Cloud instance can send specially crafted requests to exploit the information disclosure and resource validation flaws. No credentials or user interaction are required. The attacker can overwrite reports and project files stored in the system, affecting the data and configuration managed by the platform.
Prerequisites
  • Network access to the DataMosaix Private Cloud system
  • DataMosaix Private Cloud version 7.09 or 7.11 deployed and reachable from attacker network
  • remotely exploitable
  • no authentication required
  • low complexity
  • high CVSS score (9.8)
  • affects data integrity and availability of automation control platform
Exploitability
Some exploitation risk — EPSS score 6.1%
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
DataEdgePlatform DataMosaix Private Cloud: <=7.11 | ≤ 7.11 | 7.11.01
DataEdgePlatform DataMosaix Private Cloud: <=7.09 | ≤ 7.09 | 7.11.01
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to DataMosaix Private Cloud to authorized management and operator networks only; do not expose to the Internet
HARDENING: Implement firewall rules to block unauthorized access to DataMosaix Private Cloud ports from untrusted networks
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update DataEdgePlatform DataMosaix Private Cloud to version 7.11.01 or later
Long-term hardening
HARDENING: Isolate DataMosaix Private Cloud from business networks using network segmentation