You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-0813
About this tag
The tag cve-2025-0813 covers discussions about a specific authentication bypass vulnerability in Schneider Electric's EcoStruxure Power Automation System User Interface (EPAS-UI), affecting versions 2.1 through 2.9. This vulnerability allows unauthorized users with physical access to bypass device authentication, potentially accessing sensitive data or executing arbitrary code. While the vulnerability is in an industrial control system, Windows users in mixed IT environments may be impacted if their systems interact with EPAS-UI. The tag includes analysis of advisories and implications for Windows-based infrastructure.
Schneider Electric’s EcoStruxure Power Automation System User Interface (EPAS-UI) has come under scrutiny for a vulnerability that could have significant implications in industrial environments—and, by extension, in mixed IT infrastructures where Windows systems play a crucial role. Recent...