CVE-2025-13844_CVE-2025-13844

8.4 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Description

CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody.

Basic Information

ID CVE-2025-13844

Source schneider

Published Jan 15, 2026 at 18:28

Affected Product

Vendor Schneider Electric

Product EcoStruxure Power Build Rapsody

Version FR v2.8.1 and prior

Affected Versions Schneider Electric EcoStruxure Power Build Rapsody FR v2.8.1 and prior
Schneider Electric EcoStruxure Power Build Rapsody INT v2.8.6 and prior
Schneider Electric EcoStruxure Power Build Rapsody ES v2.8.5 and prior
Schneider Electric EcoStruxure Power Build Rapsody BEL (NL) v2.8.3 and prior
Schneider Electric EcoStruxure Power Build Rapsody BEL (FR) v2.8.8 and prior

CWE Classification

CWE-415

References

download.schneider-electric.com /files

{
    "lastseen": "",
    "description": "CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody.",
    "published": "2026-01-15T18:28:37.316Z",
    "modified": "2026-01-15T18:28:37.316Z",
    "type": "cve",
    "title": "CVE-2025-13844",
    "source": "schneider",
    "references": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-013-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-013-04.pdf",
    "id": "CVE-2025-13844",
    "bulletinFamily": "",
    "cwe": [
        "CWE-415"
    ],
    "cvelist": null,
    "sourceData": "Schneider Electric EcoStruxure Power Build Rapsody FR v2.8.1 and prior\nSchneider Electric EcoStruxure Power Build Rapsody INT v2.8.6 and prior\nSchneider Electric EcoStruxure Power Build Rapsody ES v2.8.5 and prior\nSchneider Electric EcoStruxure Power Build Rapsody BEL (NL) v2.8.3 and prior\nSchneider Electric EcoStruxure Power Build Rapsody BEL (FR) v2.8.8 and prior",
    "sourceHref": "",
    "cvss": {
        "score": 8.4,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EcoStruxure Power Build Rapsody",
    "version": "FR v2.8.1 and prior",
    "vendor": "Schneider Electric",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}