CNNVD-202508-2253 Information
CNNVD ID
CNNVD-202508-2253
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
Schneider Electric EcoStruxure Power Monitoring Expert和EcoStruxure Power Operation AdvancedReporting and Dashboards Module都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric EcoStruxure Power Monitoring Expert是一个用于物联网环境中进行配电监控的设备。EcoStruxure Power Operation AdvancedReporting and Dashboards Module是一个配电网络定制化组件。 Schneider Electric EcoStruxure Power Monitoring Expert和EcoStruxure Power Operation AdvancedReporting and Dashboards Module存在安全漏洞,该漏洞源于服务端请求伪造,可能导致未经授权访问敏感数据。
Description (English)
Schneider Electric EcoStruxure Power Monitoring Export and EcoStruxure Power Operations Advanced Reporting and Dashboards Module are products of Schneider Electric, France. Schneider Electric EcoStruxure Power Monitoring Export is a device for electrical distribution monitoring in an object-networked environment. EcoStruxure Power Operation Advanced Reporting and Dashboards Module is a customized component of the distribution network. There is a security loophole in Schneider Electric EcoStruxure Power Monitoring Export and EcoStruxure Power Operation Advanced Reporting and Dashboards Module, which originates from the forgery of service requests and may lead to unauthorized access to sensitive data.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
施耐德电气。
Published
2025-08-20
Last Modified
2026-02-24
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-224-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-224-02.pdf https://nvd.nist.gov/vuln/detail/CVE-2025-54924