CVE-2025-8448

🗓️ 20 Aug 2025 13:58:53Reported by schneiderType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 11 Views

CVE-2025-8448 CWE-200: Unauthorized credential data exposure via local SMB traffic capture.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-8448	11 Sep 202510:00	–	circl
CNNVD	Schneider Electric EcoStruxure Building Operation Enterprise Server和Schneider Electric EcoStruxure Enterprise Server 信息泄露漏洞	20 Aug 202500:00	–	cnnvd
Cvelist	CVE-2025-8448	20 Aug 202513:58	–	cvelist
EUVD	EUVD-2025-25327	3 Oct 202520:07	–	euvd
NVD	CVE-2025-8448	20 Aug 202514:15	–	nvd
Positive Technologies	PT-2025-34059	12 Aug 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-8448	22 Aug 202514:31	–	redhatcve
Vulnrichment	CVE-2025-8448	20 Aug 202513:58	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "EcoStruxure Building Operation Enterprise Server",
    "vendor": "Schneider Eelctric",
    "versions": [
      {
        "lessThan": "7.0.2.348",
        "status": "affected",
        "version": "All 7.x versions",
        "versionType": "version"
      },
      {
        "lessThan": "6.0.4.10001 (CP8)",
        "status": "affected",
        "version": "All 6.x versions",
        "versionType": "version"
      },
      {
        "lessThan": "5.0.3.17009 (CP16)",
        "status": "affected",
        "version": "All 5.x versions",
        "versionType": "version"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EcoStruxure Enterprise Server",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "lessThan": "7.0.2.348",
        "status": "affected",
        "version": "All 7.x versions",
        "versionType": "version"
      },
      {
        "lessThan": "6.0.4.10001 (CP8)",
        "status": "affected",
        "version": "All 6.x versions",
        "versionType": "version"
      },
      {
        "lessThan": "5.0.3.17009 (CP16)",
        "status": "affected",
        "version": "All 5.x versions",
        "versionType": "version"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EcoStruxure Building Operation Workstation",
    "vendor": "Schneider Eelctric",
    "versions": [
      {
        "lessThan": "7.0.2.348",
        "status": "affected",
        "version": "All 7.x versions",
        "versionType": "version"
      },
      {
        "lessThan": "6.0.4.10001 (CP8)",
        "status": "affected",
        "version": "All 6.x versions",
        "versionType": "version"
      },
      {
        "lessThan": "5.0.3.17009 (CP16)",
        "status": "affected",
        "version": "All 5.x versions",
        "versionType": "version"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files

15 Apr 2026 00:35Current

6.7Medium risk

Vulners AI Score6.7

CVSS 41

EPSS0.00036

SSVC

CWE-200