Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

ecostruxure_power_build_-_rapsody

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2025-13844
Assigner-Schneider Electric
ShareView Details
Assigner-Schneider Electric
CVSS Score-8.4||HIGH
EPSS-0.01% / 0.46%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 18:28
Updated-03 Mar, 2026 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody.

Action-Not Available
Vendor-Schneider Electric SE
Product-ecostruxure_power_build_-_rapsodyEcoStruxure Power Build Rapsody
CWE ID-CWE-415
Double Free
CVE-2021-22698
Assigner-Schneider Electric
ShareView Details
Assigner-Schneider Electric
CVSS Score-7.8||HIGH
EPSS-1.38% / 80.34%
||
7 Day CHG~0.00%
Published-25 Jan, 2021 | 17:10
Updated-03 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.

Action-Not Available
Vendor-n/a
Product-ecostruxure_power_build_-_rapsody EcoStruxure Power Build - Rapsody software V2.1.13 and prior. 
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-22697
Assigner-Schneider Electric
ShareView Details
Assigner-Schneider Electric
CVSS Score-7.8||HIGH
EPSS-0.71% / 72.27%
||
7 Day CHG~0.00%
Published-25 Jan, 2021 | 17:09
Updated-03 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.

Action-Not Available
Vendor-n/a
Product-ecostruxure_power_build_-_rapsody EcoStruxure Power Build - Rapsody software V2.1.13 and prior. 
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type