CVE-2025-13905 | Schneider Electric EcoStruxure Process Expert default permission (SEVD-2026-013-02)

Inserito da Angelo Barbosa | Gen 29, 2026 | CVE

A vulnerability was found in Schneider Electric EcoStruxure Process Expert and EcoStruxure Process Expert for AVEVA System Platform. It has been rated as critical. This issue affects some unknown processing. Performing a manipulation results in incorrect default permissions.

This vulnerability was named CVE-2025-13905. The attack needs to be approached locally. There is no available exploit.

Upgrading the affected component is advised.

CVE-2025-13905 | Schneider Electric EcoStruxure Process Expert default permission (SEVD-2026-013-02)

Post correlati

CVE-2024-1346 | LaborOfficeFree 19.10 weak password

CVE-2024-1807 | Product Sort and Display for WooCommerce Plugin up to 2.4.1 on WordPress authorization

CVE-2022-2232 | Keycloak prior 23.0.1 Login UsernameForm ldap injection

CVE-2025-20905 | Samsung Mobile Devices out-of-bounds write