CVE-2022-38743

Published: Oct 17, 2022

Modified: May 13, 2025

PUBLISHED

Description

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. If successfully exploited, this could allow the attacker to execute arbitrary code and gain access to restricted data.

Vendor	Product	Versions
n/a	FactoryTalk VantagePoint	affected `8.0, 8.10, 8.20, 8.30, 8.31`

Weaknesses (CWE)

CWE-284

References

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137043

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-38743

Description

Affected Products

Weaknesses (CWE)

References