CVE-2022-3158

CVE-2022-3158

Vendor N/A

Product FactoryTalk VantagePoint

Weakness CWE-89 · SQLi

Published October 17, 2022

Last update May 14, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully exploited, this could allow a user with basic user privileges to perform remote code execution on the server.

Key dates

02Disclosure timeline

October 17, 2022 CVE published

May 14, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-3158 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE