Schneider Electric EcoStruxure

Source: All CISA Advisories | Added:

Schneider Electric has reported a vulnerability in its EcoStruxure Power Monitoring Expert and EcoStruxure Power Operation products, which could allow unauthorized access to TGML diagrams by authenticated users. This vulnerability, identified as CVE-2025-6788, poses a risk to critical infrastructure sectors and requires immediate attention from users to mitigate potential exploitation.

Impact: EcoStruxure Power Monitoring Expert (PME) and EcoStruxure Power Operation (EPO)

In the Wild: No

Age: Newly disclosed

Remediation: Apply hotfixes provided for affected products and consider removing TGML diagrams from multi-tenant managed systems.

Phishing CVE Vulnerability Patch Update

Read Full Original Article →