Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. If successfully exploited, this could allow the attacker to execute arbitrary code and gain access to restricted data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Factorytalk_vantagepoint | Rockwellautomation | 8.0 (including) | 8.0 (including) |
Factorytalk_vantagepoint | Rockwellautomation | 8.10 (including) | 8.10 (including) |
Factorytalk_vantagepoint | Rockwellautomation | 8.20 (including) | 8.20 (including) |
Factorytalk_vantagepoint | Rockwellautomation | 8.30 (including) | 8.30 (including) |
Factorytalk_vantagepoint | Rockwellautomation | 8.31 (including) | 8.31 (including) |