Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

EcoStruxureTM Enterprise Server

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2025-8448
Assigner-Schneider Electric
ShareView Details
Assigner-Schneider Electric
CVSS Score-2.3||LOW
EPSS-0.02% / 3.41%
||
7 Day CHG~0.00%
Published-20 Aug, 2025 | 13:58
Updated-20 Aug, 2025 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products.

Action-Not Available
Vendor-Schneider EelctricSchneider Electric SE
Product-EcoStruxureTM Building Operation Enterprise ServerEcoStruxureTM WorkstationEcoStruxureTM Enterprise Server
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-8449
Assigner-Schneider Electric
ShareView Details
Assigner-Schneider Electric
CVSS Score-4.1||MEDIUM
EPSS-0.02% / 3.91%
||
7 Day CHG~0.00%
Published-20 Aug, 2025 | 13:55
Updated-20 Aug, 2025 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service when an authenticated user sends a specially crafted request to a specific endpoint from within the BMS network.

Action-Not Available
Vendor-Schneider EelctricSchnieder ElectricSchneider Electric SE
Product-EcoStruxureTM Enterprise ServerEcoStruxureTM WorkstationEcoStruxureTM Building Operation Enterprise Server
CWE ID-CWE-400
Uncontrolled Resource Consumption