CVE-2025-8449_CVE-2025-8449

4.1 / 10

MEDIUM

CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Description

CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service when an authenticated user sends a specially crafted request to a specific endpoint from within the BMS network.

Basic Information

ID CVE-2025-8449

Source schneider

Published Aug 20, 2025 at 13:55

Affected Product

Vendor Schnieder Electric

Product EcoStruxureTM Building Operation Enterprise Server

Version Versions prior to 7.0.1

Affected Versions Schnieder Electric EcoStruxureTM Building Operation Enterprise Server Versions prior to 7.0.1
Schneider Electric EcoStruxureTM Enterprise Server Versions prior to 7.0.1
Schneider Eelctric EcoStruxureTM Workstation Versions prior to 7.0.1

CWE Classification

CWE-400

References

download.schneider-electric.com /files

{
    "lastseen": "",
    "description": "CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service when an authenticated user sends a specially crafted request to a specific endpoint from within the BMS network.",
    "published": "2025-08-20T13:55:34.397Z",
    "modified": "2025-08-20T13:55:34.397Z",
    "type": "cve",
    "title": "CVE-2025-8449",
    "source": "schneider",
    "references": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-224-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-224-04.pdf",
    "id": "CVE-2025-8449",
    "bulletinFamily": "",
    "cwe": [
        "CWE-400"
    ],
    "cvelist": null,
    "sourceData": "Schnieder Electric EcoStruxureTM Building Operation Enterprise Server Versions prior to 7.0.1\nSchneider Electric EcoStruxureTM Enterprise Server Versions prior to 7.0.1\nSchneider Eelctric EcoStruxureTM Workstation Versions prior to 7.0.1",
    "sourceHref": "",
    "cvss": {
        "score": 4.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EcoStruxureTM Building Operation Enterprise Server",
    "version": "Versions prior to 7.0.1",
    "vendor": "Schnieder Electric",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}