Schneider Electric EcoStruxure Power Build Rapsody Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A buffer overflow vulnerability has been identified in Schneider Electric's EcoStruxure Power Build Rapsody software, specifically in versions through 2.6.4 INT, 2.7.5 ES, 2.7.1 FR, and 2.5.2 NL. This vulnerability, categorized as CWE-119, allows local attackers to exploit memory corruption issues, potentially leading to arbitrary code execution when a malicious project file is opened.

Impact

Exploitation of this vulnerability could result in memory corruption and heap- or stack-based buffer overflows, allowing local attackers to execute arbitrary code.

Remediation

Users can upgrade to EcoStruxure Power Build Rapsody versions 2.7.12 FR, 2.7.2 NL, 2.7.5 ES, or 2.8.4 INT, all of which include a fix for this vulnerability. After installing the new version, it is recommended to reboot the system. For assistance with patch removal, contact Schneider Electric's Customer Care Center.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 4.2
impact: 10.0
exploitability: 4.4
remediation: 7.9
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.