CP
cyberpings
VulnerabilitiesCRITICAL

Schneider Electric Plant iT/Brewmaxx - Critical Vulnerabilities Found

CICISA Advisories
CVE-2025-49844CVE-2025-46817CVE-2025-46818CVE-2025-46819Schneider Electric
🎯

Basically, some software used in factories has serious security holes that hackers could exploit.

Quick Summary

Schneider Electric's Plant iT/Brewmaxx has critical vulnerabilities that could allow hackers to execute remote code. Affected systems include those in energy and manufacturing sectors. Immediate patching is essential to mitigate risks.

The Flaw

Schneider Electric's Plant iT/Brewmaxx has been found to have several critical vulnerabilities, particularly affecting versions 9.60 and above. These flaws include use-after-free, integer overflow, and improper control of code generation. Successful exploitation of these vulnerabilities could lead to privilege escalation, allowing attackers to execute arbitrary code remotely.

The vulnerabilities are identified as CVE-2025-49844, CVE-2025-46817, CVE-2025-46818, and CVE-2025-46819. The highest severity rating among these is a CVSS score of 9.9, indicating a critical risk to systems utilizing this software. The affected product employs Redis, an open-source database, which is central to the vulnerabilities.

What's at Risk

The potential impact of these vulnerabilities is significant, especially for industries relying on Schneider Electric's solutions for critical infrastructure. The affected sectors include energy, critical manufacturing, and commercial facilities. If exploited, attackers could gain unauthorized access to sensitive systems, leading to operational disruptions or even safety risks.

Organizations using these systems must recognize that the vulnerabilities could expose them to severe consequences, including data breaches and loss of control over industrial processes. This situation underscores the importance of maintaining robust cybersecurity measures in industrial environments.

Patch Status

Schneider Electric has released a patch, ProLeiT-2025-001, to address these vulnerabilities. Users are urged to install this patch immediately to mitigate the risks associated with the identified flaws. The patch includes instructions to disable certain commands in Redis and to implement secure configuration templates.

Organizations should also restart all patched servers and workstations to ensure that the updates take effect. Schneider Electric recommends following industry best practices for cybersecurity, such as isolating control systems from business networks and employing physical security measures.

Immediate Actions

To protect against these vulnerabilities, organizations should take the following steps:

  • Install the patch: Apply ProLeiT-2025-001 as soon as possible.
  • Disable eval commands: After patching, disable eval commands on all relevant systems.
  • Use secure configurations: Follow the guidance in the patch manual for secure Redis configurations.
  • Implement cybersecurity best practices: Isolate control systems, restrict access, and ensure that devices are not exposed to the internet.

By taking these actions, organizations can significantly reduce their risk of exploitation and enhance their overall security posture against potential threats.

🔒 Pro insight: The critical CVSS score of 9.9 highlights the urgent need for immediate patching to prevent potential exploitation in industrial environments.

Original article from

CISA Advisories · CISA

Read Full Article

Share

Related Pings

HIGHVulnerabilities

Pharmacy Cyberattack - Warning for Healthcare Security Weaknesses

A major cyberattack on Change Healthcare left millions of patients without access to their medications. This incident underscores the urgent cybersecurity vulnerabilities in healthcare. With losses reaching over $100 million daily, the need for robust defenses is clear. The healthcare sector must act swiftly to prevent such disruptions in the future.

Huntress Blog·
HIGHVulnerabilities

Vulnerabilities - Internet-exposed EoL Microsoft IIS Servers Persist

Over 511,000 outdated Microsoft IIS servers are still online, posing high risks, especially in the U.S. and China. Urgent updates or replacements are necessary to protect against attacks.

SC Media·
HIGHVulnerabilities

Dell Wyse Management Vulnerabilities - System Compromise Risk

Dell Wyse Management Suite has critical vulnerabilities allowing attackers to gain complete system control. Organizations must update their systems immediately to avoid exploitation. This is a serious risk that could lead to data breaches and operational disruptions.

Cyber Security News·
MEDIUMVulnerabilities

Vulnerability in Schneider Electric EcoStruxure Foxboro DCS

A vulnerability has been detected in Schneider Electric's EcoStruxure Foxboro DCS software. This affects workstations and servers, posing risks of data breaches and operational disruptions. Immediate action is required to apply patches and secure systems.

CISA Advisories·
HIGHVulnerabilities

Grassroots DICOM Vulnerability - Denial-of-Service Risk

A critical vulnerability in Grassroots DICOM (GDCM) could lead to denial-of-service attacks. Healthcare systems using this software are at risk. Immediate action is recommended to mitigate potential exploitation.

CISA Advisories·
CRITICALVulnerabilities

Vulnerability in Pharos Controls Mosaic Show Controller

A critical vulnerability has been discovered in the Pharos Controls Mosaic Show Controller. This flaw allows attackers to execute commands with root privileges. Users are urged to upgrade their firmware immediately to protect their systems.

CISA Advisories·