← Back to home
ICSA-24-226-05  ·  Published 2024-08-13  ·  View on CISA ICS-CERT ↗

Rockwell Automation DataMosaix Private Cloud

CVSS 9.1 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to generate cookies for a user ID without the use of a username or password, resulting in the malicious actor to take over the account.

CVEs (1)

Remediations

  • Users are encouraged to upgrade the DataMosaix Private Cloud software from V7.07 to V7.09. The application support team will work with respective users to upgrade.

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · DataMosaix Private Cloud <7.07

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more