Schneider Electric EcoStruxure Power Build Rapsody Use-After-Free Vulnerability Leading to Remote Code Execution

Vulnerability

A use-after-free vulnerability has been identified in Schneider Electric's EcoStruxure Power Build Rapsody software, in versions up to and including 2.8.1.0300, 2.8.5.0200, 2.8.7.0100, 2.8.8.0100, 2.8.3.0100, 2.8.4.0300, and 2.8.2.0000. The vulnerability could allow remote code execution when a user imports a malicious project file (SSD file) into Rapsody.

Impact

Exploitation of this vulnerability could lead to memory corruption and arbitrary code execution.

Remediation

Users can upgrade to EcoStruxure Power Build Rapsody versions 2.8.1.0401, 2.8.5.0301, 2.8.7.0101, 2.8.8.0201, 2.8.3.0201, 2.8.4.0401, and 2.8.2.000. After installing the new version, it is recommended to restart the service. For assistance, contact Schneider Electric's Customer Care Center.

Added: Jan 15, 2026, 7:24 PM
Updated: Jan 15, 2026, 7:24 PM

Vulnerability Rating

Custom Algorithm

spread: 4.2
impact: 10.0
exploitability: 2.7
remediation: 7.9
relevance: 2.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.