CVE-2025-8448 | Schneider Electric EcoStruxureTM Building Operation Enterprise Server SMB information disclosure (SEVD-2025-224-04)

A vulnerability described as problematic has been identified in Schneider Electric EcoStruxureTM Building Operation Enterprise Server, EcoStruxureTM Enterprise Server and EcoStruxureTM Workstation up to 7.0.0. This issue affects some unknown processing of the component SMB Handler. The manipulation results in information disclosure.

This vulnerability was named CVE-2025-8448. The attack needs to be approached within the local network. There is no available exploit.

Upgrading the affected component is recommended.

CVE-2025-8448 | Schneider Electric EcoStruxureTM Building Operation Enterprise Server SMB information disclosure (SEVD-2025-224-04)

Post correlati

CVE-2025-5108 | zongzhige ShopXO 6.5.0 ZIP File Payment.php Upload params unrestricted upload

CVE-2024-47917 | Mobotix CCTV FW up to MX-V3.4.2.16 cross site scripting

CVE-2024-51492 | Zusam up to 0.5.5 cross site scripting

CVE-2025-23091 | Ubiquiti UDM up to 4.1 Application Update channel accessible