You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-9997
About this tag
CVE-2025-9997 is an OS command injection vulnerability in the BLMon monitoring console of Schneider Electric Saitel DR and Saitel DP Remote Terminal Units (RTUs). This flaw allows authenticated console users to inject and execute arbitrary shell commands under specific conditions. Schneider Electric has published coordinated advisories with fixes or workarounds, and the vulnerability has been assigned a CVE identifier by national authorities. Discussions on WindowsForum.com cover mitigation strategies, affected firmware versions, and recommended security patches for enterprise IT environments managing industrial control systems.
Schneider Electric has published coordinated advisories describing two OS command injection flaws in the BLMon monitoring console used by Saitel DR and Saitel DP Remote Terminal Units (RTUs), vulnerabilities that allow authenticated console users to inject and execute arbitrary shell commands...