← Back to home
ICSA-25-203-03  ·  Published 2025-07-08  ·  View on CISA ICS-CERT ↗

Schneider Electric EcoStruxure

CVSS 4.3 MEDIUM

CVEs (1)

Remediations

  • Hotfix_199767 is available for EcoStruxure™ Power Monitoring Expert (PME) that includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center to download this hotfix.
  • Hotfix_256448_Diagrams-Release.13.0.25182.01 Contact Schneider Electric’s Customer Care Center to download this hotfix.
  • Hotfix_256448_Diagrams-Release.13.1.25182.01 available for EcoStruxure™ Power Monitoring Expert (PME) that includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center to download this hotfix.
  • Hotfix_199767 available for EcoStruxure™ Power Monitoring Expert (PME) that includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center to download this hotfix.
  • Hotfix_256448_Diagrams-Release.13.0.25182.0 available for EcoStruxure™ Power Monitoring Expert (PME) that includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center to download this hotfix.
  • If customers choose not to apply the remediation provided above, they should immediately apply the following mitigation to reduce the risk of exploit: • We recommend you remove your TGML diagrams from your multitenant managed system or onpremises system and revert to using Vista diagrams.

Affected Vendors

Schneider Electric

Affected Products (10)

Schneider Electric · EcoStruxure™ Power Monitoring Expert (PME) 2023
Schneider Electric · EcoStruxure™ Power Monitoring Expert (PME) 2023_R2
Schneider Electric · EcoStruxure™ Power Monitoring Expert (PME) 2024
Schneider Electric · EcoStruxure™ Power Monitoring Expert (PME) 2024_R2
Schneider Electric · EcoStruxure™ Power Operation (EPO) Advanced Reporting and Dashboards Module 2022
Schneider Electric · EcoStruxure™ Power Operation (EPO) Advanced Reporting and Dashboards Module 2024
Schneider Electric · EcoStruxure™ Power Monitoring Expert (PME) 2023_Hotfix_199767
Schneider Electric · EcoStruxure™ Power Monitoring Expert (PME) 2023_R2_Hotfix_199767
Schneider Electric · EcoStruxure™ Power Monitoring Expert (PME) 2024_Hotfix_256448_Diagrams-.13.0.25182.01
Schneider Electric · EcoStruxure™ Power Monitoring Expert (PME) 2024_R2_Hotfix_256448_Diagrams-.13.1.25182.01

Affected Sectors

Commercial Facilities, Critical Manufacturing, Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more