CVE-2022-38743

CVE-2022-38743

Vendor N/A

Product FactoryTalk VantagePoint

Weakness CWE-284

Published October 17, 2022

Last update May 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. If successfully exploited, this could allow the attacker to execute arbitrary code and gain access to restricted data.

Key dates

02Disclosure timeline

October 17, 2022 CVE published

May 13, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-38743 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/284.html

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE