Schneider Electric EcoStruxure Power Build Rapsody
MonitorCVSS 5.3ICS-CERT ICSA-25-023-05Jan 14, 2025
Schneider ElectricEnergy
Attack path
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary
EcoStruxure Power Build Rapsody contains a heap-based and stack-based buffer overflow vulnerability in its handling of single-line diagram files. The vulnerability exists in versions NL ≤2.5.2, FR ≤2.7.1, ES ≤2.7.5, and INT ≤2.6.4. A local attacker could craft a malicious diagram file that, when opened or imported by a user, triggers memory corruption and arbitrary code execution on the engineering workstation.
What this means
What could happen
A local attacker with access to a computer running EcoStruxure Power Build Rapsody could exploit a buffer overflow vulnerability to execute arbitrary code, potentially allowing them to modify single-line diagrams or bill of materials that engineers use to design and verify switchboard configurations.
Who's at risk
Energy sector organizations using EcoStruxure Power Build Rapsody for switchboard design and engineering—primarily electrical engineers and system integrators who create and modify power distribution single-line diagrams and bill-of-materials documents.
How it could be exploited
An attacker with local access to an engineering workstation running EcoStruxure Power Build Rapsody could trigger a heap or stack-based buffer overflow by crafting a malicious single-line diagram file or import data. Successful exploitation allows the attacker to run arbitrary code on that workstation with the privileges of the user running the application.
Prerequisites
- Local access to a computer running EcoStruxure Power Build Rapsody
- User interaction required (opening or importing a malicious file)
- No special credentials required beyond basic user account access
Local access requiredLow attack complexityUser interaction required to triggerNo authentication bypassLow EPSS score (0.1%)
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
EcoStruxure™ Power Build Rapsody≤ 2.5.2 NL≤ 2.7.1 FR≤ 2.7.5 ES≤ 2.6.4 INT2.7.2 NL
EcoStruxure Power Build Rapsody≤ 2.5.2 NL≤ 2.7.1 FR≤ 2.7.5 ES≤ 2.6.4 INT2.7.2_NL
Remediation & Mitigation
0/6
Schedule — requires maintenance window
0/4Patching may require device reboot — plan for process interruption
EcoStruxure Power Build Rapsody
HOTFIXUpdate EcoStruxure Power Build Rapsody NL installations to version 2.7.2 or later and reboot the system
HOTFIXUpdate EcoStruxure Power Build Rapsody FR installations to version 2.7.12 or later and reboot the system
HOTFIXUpdate EcoStruxure Power Build Rapsody ES installations to version 2.7.52 or later and reboot the system
HOTFIXUpdate EcoStruxure Power Build Rapsody INT installations to version 2.8.4 or later and reboot the system
Long-term hardening
0/2EcoStruxure Power Build Rapsody
HARDENINGRestrict access to EcoStruxure Power Build Rapsody to authorized engineering staff only; avoid running the application on shared or multi-user workstations
All products
HARDENINGTrain users not to open or import single-line diagram files from untrusted sources
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/d2261221-5838-44ed-a54f-b498e076594aGet OT security insights every Tuesday
Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.