CVE-2025-0327 | Schneider Electric EcoStruxure Process Expert 2020R2/2021/2023 Windows Service privileges management (SEVD-2025-042-03)

A vulnerability was found in Schneider Electric EcoStruxure Process Expert and EcoStruxure Process Expert for AVEVA System Platform 2020R2/2021/2023 and classified as critical. Affected by this issue is some unknown functionality of the component Windows Service Handler. The manipulation leads to improper privilege management.

This vulnerability is handled as CVE-2025-0327. Local access is required to approach this attack. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-0327 | Schneider Electric EcoStruxure Process Expert 2020R2/2021/2023 Windows Service privileges management (SEVD-2025-042-03)

Related Posts

CVE-2025-22662 | SendPulse Email Marketing Newsletter Plugin up to 2.1.5 on WordPress cross site scripting

CVE-2024-24331 | Totolink A3300R 17.0.0cu.557_B20221024 setWiFiScheduleCfg enable command injection

CVE-2023-40010 | realmag777 Husky Plugin up to 1.3.4.2 on WordPress sql injection

CVE-2023-51090 | Tenda M3 1.0.0.12(4856) formGetWeiXinConfig stack-based overflow