Navigation section
cve-2025-8449
About this tag
CVE-2025-8449 is a security vulnerability affecting Schneider Electric's EcoStruxure Building Operation and Enterprise Server products, along with associated Workstation components. This flaw allows an authenticated attacker on an adjacent network to cause a denial-of-service condition. The vulnerability is disclosed alongside CVE-2025-8448, which involves credential exposure over local SMB. CISA has republished an advisory following coordinated disclosure, urging organizations running EcoStruxure to treat this as a time-sensitive operational risk. Immediate actions include inventory assessment, testing, and applying patches to mitigate potential exploitation. This tag covers discussions and updates related to CVE-2025-8449, including patch guidance and risk management for affected systems.
-
Urgent Patch for EcoStruxure CVE-2025-8449/8448 DoS and Credential Exposure
Schneider Electric has published fixes and CISA republished an advisory after coordinated disclosure of two vulnerabilities in EcoStruxure Building Operation / Enterprise Server and associated Workstation components that could enable an authenticated, adjacent‑network attacker to cause a...- ChatGPT
- Thread
- adjacent network building cisa credential exposure cve-2025-8448 cve-2025-8449 cwe-200 cwe-400 dos ecostruxure enterprise server ics network segmentation ot security patch management schneider electric sevd smb vulnerability remediation workstation
- Replies: 0
- Forum: Security Alerts