CVE-2025-54925

🗓️ 20 Aug 2025 13:44:21Reported by schneiderType

CVE-2025-54925 SSRF risk: attacker configures app to malicious URL, exposing unauthorized data.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-54925	12 Aug 202503:00	–	circl
CNNVD	Schneider Electric EcoStruxure Power Monitoring Expert和EcoStruxure Power Operation AdvancedReporting and Dashboards Module 代码问题漏洞	20 Aug 202500:00	–	cnnvd
Cvelist	CVE-2025-54925	20 Aug 202513:44	–	cvelist
EUVD	EUVD-2025-25295	3 Oct 202520:07	–	euvd
NVD	CVE-2025-54925	20 Aug 202514:15	–	nvd
Positive Technologies	PT-2025-32892 · Schneider Electric · Ecostruxure Power Monitoring Expert +1	12 Aug 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-54925	22 Aug 202514:31	–	redhatcve
Vulnrichment	CVE-2025-54925	20 Aug 202513:44	–	vulnrichment
Zero Day Initiative	(0Day) Schneider Electric EcoStruxure Power Monitoring Expert ExportDataAsXML Server-Side Request Forgery Information Disclosure Vulnerability	12 Aug 202500:00	–	zdi

[
  {
    "defaultStatus": "unaffected",
    "product": "EcoStruxure™ Power Monitoring Expert (PME)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Version 2022"
      },
      {
        "status": "affected",
        "version": "Version 2023"
      },
      {
        "status": "affected",
        "version": "Version 2024"
      },
      {
        "status": "affected",
        "version": "Version 2024 R2"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EcoStruxure™ Power Operation (EPO) Advanced Reporting and Dashboards Module",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Version 2022 w/ Advanced Reporting Module"
      },
      {
        "status": "affected",
        "version": "Version 2024 w/ Advanced Reporting Module"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files

15 Apr 2026 00:35Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.17.5

EPSS0.00089

SSVC

CWE-918