CVE-2025-13905 | Schneider Electric EcoStruxure Process Expert default permission (SEVD-2026-013-02)

Inserito da Angelo Barbosa | Gen 29, 2026 | CVE

A vulnerability was found in Schneider Electric EcoStruxure Process Expert and EcoStruxure Process Expert for AVEVA System Platform. It has been rated as critical. This issue affects some unknown processing. Performing a manipulation results in incorrect default permissions.

This vulnerability was named CVE-2025-13905. The attack needs to be approached locally. There is no available exploit.

Upgrading the affected component is advised.

CVE-2025-13905 | Schneider Electric EcoStruxure Process Expert default permission (SEVD-2026-013-02)

Post correlati

CVE-2024-6163 | Checkmk up to 2.0.0p39/2.1.0p45/2.2.0p30/2.3.0p10 HTTP Endpoint authentication spoofing

CVE-2024-58100 | Linux Kernel up to 6.12.24 bpf check_cfg changes_pkt_data state issue

CVE-2025-14650 | itsourcecode Online Cake Ordering System 1.0 /cakeshop/product.php Product sql injection

CVE-2024-34394 | libxmljs2 up to 0.33.0 namespaces type confusion (ID 205)