You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-32433
About this tag
CVE-2025-32433 is a critical vulnerability affecting all versions of Schneider Electric Galaxy VS, Galaxy VL, and Galaxy VXL uninterruptible power supplies (UPS). It carries a CVSS score of 10.0, the highest possible severity rating. The flaw allows unauthenticated remote code execution (RCE) with low attack complexity, posing an immediate threat to power resilience across critical infrastructure sectors such as energy grids, manufacturing, and commercial facilities. Discussions on WindowsForum highlight its inclusion in the CISA Known Exploited Vulnerabilities (KEV) Catalog due to active exploitation. Users are advised to apply vendor patches and follow mitigation guidance to protect industrial control systems.
Two newly discovered vulnerabilities have taken center stage in the ever-evolving cybersecurity threat landscape, as the Cybersecurity and Infrastructure Security Agency (CISA) has added them to its Known Exploited Vulnerabilities (KEV) Catalog. This move, driven by verified evidence of active...
A critical vulnerability has sent ripples through the global industrial cybersecurity community: all versions of Schneider Electric’s Galaxy VS, Galaxy VL, and Galaxy VXL uninterruptible power supplies (UPS), widely used to protect critical infrastructure, are exposed to a remotely exploitable...