
Vulnerability in Schneider Electric EcoStruxure IT Software


In short, a security flaw in Schneider Electric's EcoStruxure IT software could let attackers access sensitive information.

Quick Summary

Schneider Electric has revealed a serious vulnerability in its EcoStruxure IT Data Center Expert software. This flaw could allow hackers to access sensitive information. Users must act quickly to apply the necessary patches or mitigations to secure their systems.

The Flaw

Schneider Electric has identified a hard-coded credentials vulnerability in its EcoStruxure IT Data Center Expert (DCE) software. Although exploitation requires administrator credentials and the activation of a feature known as SOCKS Proxy, which is disabled by default, a successful attack could lead to information disclosure and even remote code execution.

The affected versions include EcoStruxure IT Data Center Expert version 9.0 and earlier. The vulnerability, cataloged as CVE-2025-13957, has been assigned a CVSS score of 7.2, indicating a high severity level. This means that organizations using these versions are at significant risk if they do not take immediate action.

What's at Risk

Organizations across various sectors, including commercial facilities, energy, and government services, are at risk due to this vulnerability. The EcoStruxure IT Data Center Expert software is widely used for monitoring critical infrastructure, making it a prime target for attackers. If the vulnerability is exploited, it could disrupt operations and allow unauthorized access to sensitive system data.

Failure to address this issue could lead to severe operational disruptions, potentially impacting not just the affected organizations but also the broader industries they serve. The global reach of Schneider Electric means that this vulnerability could have far-reaching consequences.

Patch Status

Schneider Electric has released a fix for this vulnerability in version 9.1 of the EcoStruxure IT Data Center Expert software. Users are strongly encouraged to upgrade to this version to mitigate the risks associated with the hard-coded credentials. For those unable to update immediately, the company recommends implementing specific mitigations to reduce exposure.

These mitigations include hardening the DCE instance according to cybersecurity best practices and ensuring that the SOCKS Proxy feature remains disabled. Detailed guidance can be found in the EcoStruxure IT Data Center Expert Security Handbook.

Immediate Actions

Organizations using the affected versions of EcoStruxure IT Data Center Expert should take immediate action. First, upgrade to version 9.1 to patch the vulnerability. If upgrading is not feasible, apply the recommended mitigations to minimize risk. This includes isolating control systems behind firewalls and ensuring that no unauthorized personnel can access critical infrastructure.
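To turn the steps above into a repeatable check, the following added example (not Schneider Electric's or CISA's code) triages a constructed inventory of DCE instances: anything earlier than 9.1 is flagged, and a vulnerable instance with the SOCKS Proxy enabled is ranked ahead of one where the proxy is still off. Hostnames and the inventory format are assumptions; DCE exposes no API used here.

```python
"""Triage a fleet of EcoStruxure IT Data Center Expert (DCE) instances
against CVE-2025-13957 (hard-coded credentials; fixed in version 9.1).

Assumptions: the inventory rows below are constructed sample data with
placeholder hostnames; version and SOCKS-proxy state come from a plain
inventory list rather than from the product itself."""
from dataclasses import dataclass
import re

FIXED_VERSION = (9, 1)  # first fixed release named in the advisory


@dataclass
class DceInstance:
    host: str
    version: str
    socks_proxy_enabled: bool


def parse_version(text: str) -> tuple:
    """Turn '9.0', 'v9.0.3' or '9.1' into a comparable tuple of ints.
    Numeric comparison avoids the string trap where '9.10' < '9.2'."""
    nums = re.findall(r"\d+", text)
    if not nums:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(n) for n in nums)


def is_affected(version: str) -> bool:
    """Affected: any release earlier than 9.1 (i.e. 9.0 and earlier)."""
    return parse_version(version) < FIXED_VERSION


def triage(inst: DceInstance) -> str:
    """Map one instance to a remediation priority.
    URGENT: vulnerable build and the SOCKS Proxy precondition is already met.
    PATCH:  vulnerable build, SOCKS Proxy disabled (the default); upgrade
            and keep the proxy off until then.
    OK:     running 9.1 or later."""
    if not is_affected(inst.version):
        return "OK"
    return "URGENT" if inst.socks_proxy_enabled else "PATCH"


def triage_fleet(fleet) -> dict:
    """Return {host: priority} for every instance in the inventory."""
    return {inst.host: triage(inst) for inst in fleet}


# Constructed sample inventory (placeholder hostnames, not real systems).
SAMPLE_FLEET = [
    DceInstance("dce-a.example.internal", "9.0", False),
    DceInstance("dce-b.example.internal", "v8.4.2", True),
    DceInstance("dce-c.example.internal", "9.1", True),
    DceInstance("dce-d.example.internal", "9.10", False),
]

if __name__ == "__main__":
    for host, prio in sorted(triage_fleet(SAMPLE_FLEET).items()):
        print(f"{prio:7} {host}")
```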

Additionally, organizations should regularly review their cybersecurity practices and conduct risk assessments to identify potential vulnerabilities. By taking these proactive measures, organizations can better protect themselves against potential exploits stemming from this vulnerability.

🔒 Pro insight: The hard-coded credentials issue reflects a broader trend in industrial control systems, emphasizing the need for robust credential management practices.

Original article from

CISA Advisories · CISA

