Rockwell FactoryTalk® DataMosaix™ Private Cloud – Multiple Vulnerabilities
Plan Patch | 8 | SD1758 | Nov 11, 2025
Summary
Rockwell Automation FactoryTalk DataMosaix Private Cloud contains multiple vulnerabilities that could allow remote exploitation without authentication. The advisory does not specify individual CVE details or technical vector information. All versions of the product are affected. No patch has been released by Rockwell Automation at this time.
What this means
What could happen
Attackers could exploit multiple vulnerabilities in FactoryTalk DataMosaix Private Cloud to gain unauthorized access or execute commands on systems that aggregate and manage industrial data, potentially disrupting visibility into manufacturing operations or compromising process data integrity.
Who's at risk
Manufacturing facilities using Rockwell Automation FactoryTalk DataMosaix Private Cloud for real-time data aggregation, analytics, and plant visibility. This affects food/beverage processing, automotive, pharmaceuticals, and discrete manufacturing operations that depend on centralized process monitoring and historian data.
How it could be exploited
An attacker with network access to the DataMosaix Private Cloud instance could exploit one or more unspecified vulnerabilities to gain unauthorized access or execute arbitrary commands without requiring valid credentials or user interaction.
Prerequisites
- Network access to FactoryTalk DataMosaix Private Cloud port/interface
- No authentication required for exploitation of at least one vulnerability variant
remotely exploitable | no authentication required | no patch available | high CVSS (8.0) | affects data integrity and availability
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
FactoryTalk DataMosaix Private Cloud | All versions | No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Isolate FactoryTalk DataMosaix Private Cloud instances from untrusted networks using network segmentation and firewall rules; restrict access to authorized engineering and operations workstations only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HARDENING: Implement network-based intrusion detection to monitor for suspicious access patterns to DataMosaix Private Cloud services
Long-term hardening
WORKAROUND: Monitor Rockwell Automation security bulletins for future guidance, as no patch is currently available
CVEs (2)