CVE-2025-0327 (GCVE-0-2025-0327)
Vulnerability from cvelistv5
Published
2025-02-13 06:20
Modified
2025-02-13 14:56
Severity ?
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-269 - Improper Privilege Management
Summary
CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit trail data and the other acting as server managing client request) that could cause a loss of Confidentiality, Integrity and Availability of engineering workstation when an attacker with standard privilege modifies the executable path of the windows services. To be exploited, services need to be restarted.
References
Impacted products
Vendor Product Version
Schneider Electric EcoStruxure Process Expert Version: Versions 2020R2
Version: Versions 2021 & 2023 (prior to v4.8.0.5715)
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0327",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-13T14:55:58.362547Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-13T14:56:12.017Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "EcoStruxure Process Expert",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 2020R2"
            },
            {
              "status": "affected",
              "version": "Versions  2021 \u0026 2023 (prior to v4.8.0.5715)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EcoStruxure Process Expert for AVEVA System Platform",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "Versions 2020R2"
            },
            {
              "status": "affected",
              "version": "Versions  2021 \u0026 2023"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit\ntrail data and the other acting as server managing client request) that could cause a loss of Confidentiality,\nIntegrity and Availability of engineering workstation when an attacker with standard privilege modifies the\nexecutable path of the windows services. To be exploited, services need to be restarted.\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit\ntrail data and the other acting as server managing client request) that could cause a loss of Confidentiality,\nIntegrity and Availability of engineering workstation when an attacker with standard privilege modifies the\nexecutable path of the windows services. To be exploited, services need to be restarted."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-13T06:20:26.852Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-042-03\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2025-042-03.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2025-0327",
    "datePublished": "2025-02-13T06:20:26.852Z",
    "dateReserved": "2025-01-08T13:34:15.419Z",
    "dateUpdated": "2025-02-13T14:56:12.017Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-0327\",\"sourceIdentifier\":\"cybersecurity@se.com\",\"published\":\"2025-02-13T07:15:10.570\",\"lastModified\":\"2025-02-13T07:15:10.570\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit\\ntrail data and the other acting as server managing client request) that could cause a loss of Confidentiality,\\nIntegrity and Availability of engineering workstation when an attacker with standard privilege modifies the\\nexecutable path of the windows services. To be exploited, services need to be restarted.\"},{\"lang\":\"es\",\"value\":\"CWE-269: Existe una vulnerabilidad de administraci\u00f3n inadecuada de privilegios para dos servicios (uno de los cuales administra los datos de registro de auditor\u00eda y el otro act\u00faa como servidor que administra las solicitudes de los clientes) que podr\u00eda provocar una p\u00e9rdida de confidencialidad, integridad y disponibilidad de la estaci\u00f3n de trabajo de ingenier\u00eda cuando un atacante con privilegios est\u00e1ndar modifica la ruta ejecutable de los servicios de Windows. Para explotarla, es necesario reiniciar los servicios.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cybersecurity@se.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cybersecurity@se.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"cybersecurity@se.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"references\":[{\"url\":\"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-042-03\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2025-042-03.pdf\",\"source\":\"cybersecurity@se.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"EcoStruxure Process Expert\", \"vendor\": \"Schneider Electric\", \"versions\": [{\"status\": \"affected\", \"version\": \"Versions 2020R2\"}, {\"status\": \"affected\", \"version\": \"Versions  2021 \u0026 2023 (prior to v4.8.0.5715)\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"EcoStruxure Process Expert for AVEVA System Platform\", \"vendor\": \"Schneider Electric\", \"versions\": [{\"status\": \"affected\", \"version\": \"Versions 2020R2\"}, {\"status\": \"affected\", \"version\": \"Versions  2021 \u0026 2023\"}]}], \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit\\ntrail data and the other acting as server managing client request) that could cause a loss of Confidentiality,\\nIntegrity and Availability of engineering workstation when an attacker with standard privilege modifies the\\nexecutable path of the windows services. To be exploited, services need to be restarted.\\n\\n\\n\u003cbr\u003e\"}], \"value\": \"CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit\\ntrail data and the other acting as server managing client request) that could cause a loss of Confidentiality,\\nIntegrity and Availability of engineering workstation when an attacker with standard privilege modifies the\\nexecutable path of the windows services. To be exploited, services need to be restarted.\"}], \"metrics\": [{\"cvssV4_0\": {\"Automatable\": \"NOT_DEFINED\", \"Recovery\": \"NOT_DEFINED\", \"Safety\": \"NOT_DEFINED\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"attackVector\": \"LOCAL\", \"baseScore\": 8.5, \"baseSeverity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"providerUrgency\": \"NOT_DEFINED\", \"subAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"version\": \"4.0\", \"vulnAvailabilityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"LOCAL\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"076d1eb6-cfab-4401-b34d-6dfc2a413bdb\", \"shortName\": \"schneider\", \"dateUpdated\": \"2025-02-13T06:20:26.852Z\"}, \"references\": [{\"url\": \"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-042-03\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2025-042-03.pdf\"}], \"source\": {\"discovery\": \"UNKNOWN\"}, \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0327\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-13T14:55:58.362547Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-13T14:56:07.309Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-0327\", \"assignerOrgId\": \"076d1eb6-cfab-4401-b34d-6dfc2a413bdb\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"schneider\", \"dateReserved\": \"2025-01-08T13:34:15.419Z\", \"datePublished\": \"2025-02-13T06:20:26.852Z\", \"dateUpdated\": \"2025-02-13T14:56:12.017Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.