Schneider Electric EcoStruxure Building Operation Workstation

CVEs (2)

Remediations

• The following versions of EcoStruxure Building Operation Workstation and EcoStruxure Building Operation WebStation include a fix for CVE-2026-1227: • 7.0.3.2000 (CP1) Step 1: Navigate to this link: https://www.se.com/myschneider/documentsDownloadCenter/detail?id=EBO-Patch-v7-0 Step 2: Download 'EcoStruxure Building Operation Patch v7.0' Step 3: Follow the installation instructions provided in the accompanying readme file. Additionally, ensure you are following the [EBO hardening guidelines](https://ecostruxure-building-help.se.com/bms/Topics/show.castle?id=14923&productversion=7.1&locale=en-US).
• The following versions of EcoStruxure Building Operation Workstation and EcoStruxure Building Operation WebStation includes a fix for CVE-2026-1227: • 6.0.4.14001 (CP10) Step 1: Locate the appropriate version for your system here: https://www.se.com/myschneider/documentsDownloadCenter/detail?id=EBO-Patch-v6-0 Step 2: Download ‘EcoStruxure Building Operation Patch v6.0‘ Step 3: Follow the installation instructions provided in the accompanying readme file. Additionally, ensure you are following the [EBO hardening guidelines](https://ecostruxure-building-help.se.com/bms/Topics/show.castle?id=14923&productversion=7.1&locale=en-US).
• If customers choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit: • Implement strong access controls to limit system access to authorized personnel. • Use multi factor authentication if using EBO version 7.0 or later. • Use firewalls to segregate networks and protect the building management system. • Regularly monitor system activity. • Ensure you are following [EBO hardening guidelines](https://ecostruxure-building-help.se.com/bms/Topics/show.castle?id=14923&productversion=7.1&locale=en-US).
• For more information see the associated Schneider Electric security advisory SEVD-2026-041-02, titled ‘Multiple Vulnerabilities on EcoStruxure Building Operation Workstation and EcoStruxure Building Operation WebStation‘. • PDF Version: [https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-041-02.pdf](https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-041-02.pdf) • CSAF Version: [https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2026-041-02.json](https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2026-041-02.json).
• The following versions of EcoStruxure Building Operation Workstation and EcoStruxure Building Operation WebStation include a fix for CVE-2026-1226:  • 7.0.2 Step 1: Navigate to this link: https://www.se.com/myschneider/documentsDownloadCenter/detail?id=EBO-Patch-v7-0 Step 2: Download 'EcoStruxure Building Operation Patch v7.0' Step 3: Follow the installation instructions provided in the accompanying readme file. Additionally, ensure you are following the [EBO hardening guidelines](https://ecostruxure-building-help.se.com/bms/Topics/show.castle?id=14923&productversion=7.1&locale=en-US).
• The following versions of EcoStruxure Building Operation Workstation and EcoStruxure Building Operation WebStation includes a fix for CVE-2026-1226: • 6.0.4.7000 (CP5) Step 1: Locate the appropriate version for your system here: https://www.se.com/myschneider/documentsDownloadCenter/detail?id=EBO-Patch-v6-0 Step 2: Download ‘EcoStruxure Building Operation Patch v6.0‘ Step 3: Follow the installation instructions provided in the accompanying readme file. Additionally, ensure you are following the [EBO hardening guidelines](https://ecostruxure-building-help.se.com/bms/Topics/show.castle?id=14923&productversion=7.1&locale=en-US).
• For more information see the associated Schneider Electric security advisory SEVD-2026-041-02, titled "Multiple Vulnerabilities on EcoStruxure Building Operation Workstation and EcoStruxure Building Operation WebStation". • PDF Version: [https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-041-02.pdf](https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-041-02.pdf) • CSAF Version: [https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2026-041-02.json](https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2026-041-02.json).

Affected Vendors

Affected Products (16)

Affected Sectors

Commercial Facilities, Energy, Government Services and Facilities, Healthcare and Public Health, Information Technology, Transportation Systems, Financial Services, Defense Industrial Base, Critical Manufacturing