Volerion logoVolerion
Volerion logoVolerion

Schneider Electric EcoStruxure IT Data Center Expert Improper Privilege Management Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability allowing improper privilege management has been identified in Schneider Electric's EcoStruxure IT Data Center Expert, all versions through 8.3. This vulnerability could lead to privilege escalation when the server is accessed by a privileged account via a console, exploiting a setup script.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing a user to gain elevated rights or access within the application or system.

Remediation

Users can upgrade to version 9.0 of EcoStruxure IT Data Center Expert, which includes fixes for this vulnerability. This version is available upon request from Schneider Electric's Customer Care Center. Customers should evaluate the impact of the upgrade in a Test and Development environment or on an offline infrastructure before applying it.

Added: Jul 11, 2025, 11:19 AM
Updated: Jul 11, 2025, 11:19 AM

Vulnerability Rating

Custom Algorithm
spread
2.6
impact
7.5
exploitability
3.0
remediation
7.9
relevance
0.2
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.