CNNVD-202508-2258 Information
CNNVD ID
CNNVD-202508-2258
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
Schneider Electric EcoStruxure Power Monitoring Expert和EcoStruxure Power Operation AdvancedReporting and Dashboards Module都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric EcoStruxure Power Monitoring Expert是一个用于物联网环境中进行配电监控的设备。EcoStruxure Power Operation AdvancedReporting and Dashboards Module是一个配电网络定制化组件。 Schneider Electric EcoStruxure Power Monitoring Expert和EcoStruxure Power Operation AdvancedReporting and Dashboards Module存在安全漏洞,该漏洞源于反序列化不可信数据,可能导致远程代码执行和系统完整性受损。
Description (English)
Schneider Electric EcoStruxure Power Monitoring Export and EcoStruxure Power Operations Advanced Reporting and Dashboards Module are products of Schneider Electric, France. Schneider Electric EcoStruxure Power Monitoring Export is a device for electrical distribution monitoring in an object-networked environment. EcoStruxure Power Operation Advanced Reporting and Dashboards Module is a customized component of the distribution network. There is a security loophole in Schneider Electric Electronic Power Monitoring Monitoring Exchange and EcoStruxure Power Operation Advanced Reporting and Dashboards Modeule, which stems from untrustworthy data from back-sequencing, which may result in damage to remote code implementation and system integrity.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
施耐德电气。
Published
2025-08-20
Last Modified
2026-02-24
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-224-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-224-02.pdf https://nvd.nist.gov/vuln/detail/CVE-2025-54923