CNNVD-202508-2377 Information
CNNVD ID
CNNVD-202508-2377
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
Schneider Electric EcoStruxure Building Operation Enterprise Server和Schneider Electric EcoStruxure Enterprise Server都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric EcoStruxure Building Operation Enterprise Server是一个企业级楼宇控制系统。该系统以计算机网络为基础、软件为核心,结合智能建筑的工程建设的经验将楼宇中各个具有完整功能的独立分系统组合成一个有机的整体。Schneider Electric EcoStruxure Enterprise Server是一款智能楼宇系统的核心。 Schneider Electric多款产品存在安全漏洞,该漏洞源于资源消耗不受控制,可能导致拒绝服务攻击。以下产品受到影响:EcoStruxure Building Operation Enterprise Server、EcoStruxure Enterprise Server和EcoStruxure Workstation。
Description (English)
Schneider Electric EcoStruxure Building Operation Enterprise Server and Schneider EcoStruxure Server are products of Schneider Electric, France. Schneider Electric EcoStruxure Building Operation Enterprise Server is an enterprise-level building control system. Based on a computer network, with software at its core, the system combines a fully functional and independent subsystem of the building into an organic whole in the light of the experience of engineering in intelligent buildings. Schneider Electric EcoStruxure Enterprise Server is at the heart of a smart building system. There is a safety loophole in Schneider Electric ’ s multiple products, which stems from uncontrolled resource consumption and may lead to denial of service attacks. The following products were affected: EcoStruxure Building Operation Enterprise Server, EcoStruxure Enterprise Server and EcoStruxure Workstance.
Hazard Level
High
Vulnerability Type
资源管理错误
Affected Vendor
施耐德电气。
Published
2025-08-20
Last Modified
2026-02-24
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-224-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-224-04.pdf https://nvd.nist.gov/vuln/detail/CVE-2025-8449
Patch
https://www.se.com/us/en/product-range/62111-ecostruxure-building-operation-software/#overview
Share on: