CVE-2022-3158

Published: Oct 17, 2022

Modified: May 14, 2025

PUBLISHED

Description

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully exploited, this could allow a user with basic user privileges to perform remote code execution on the server.

Vendor	Product	Versions
n/a	FactoryTalk VantagePoint	affected `8.0, 8.10, 8.20, 8.30, 8.31`

Weaknesses (CWE)

CWE-89

References

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137043

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-3158

Description

Affected Products

Weaknesses (CWE)

References