ICSA-24-284-16 · Published 2024-10-10 · View on CISA ICS-CERT ↗

Rockwell Automation DataMosaix Private Cloud

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could cause a denial-of-service condition, view customer data, or perform remote code execution.

CVE-2019-14855 CVE-2019-17543 CVE-2019-18276 CVE-2019-19244 CVE-2019-9893 CVE-2019-9923

Rockwell Automation has addressed this issue in version v7.09 and encourages users to update to the newest available version. Rockwell Automation encourages users of the affected software to apply risk mitigations, if possible.
Rockwell Automation encourages users to implement security best practices to minimize the risk of the vulnerability.
For more information about this issue, please see the advisory on the Rockwell Automation security page.

Rockwell Automation

Rockwell Automation · DataMosaix Private Cloud <=7.07

Critical Manufacturing

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.