Schneider Electric EcoStruxure

Monitor | CVSS 4.5 | ICS-CERT ICSA-25-254-08 | Aug 12, 2025
Schneider Electric | Energy
Attack path
Attack Vector: Adjacent
Auth Required: Low
Complexity: High
User Interaction: Required
Summary

Multiple vulnerabilities in EcoStruxure™ Building Operation (EBO) software suite could allow credential theft and unauthorized access from within the Building Management System (BMS) network, potentially leading to data breaches and operational disruptions. Affected components include Enterprise Server, Enterprise Central, and Workstation across versions 5.x, 6.x, and 7.x.

What this means
What could happen
An attacker with network access to the BMS could steal credentials or execute commands, potentially disrupting building control operations (HVAC, lighting, access control) and accessing sensitive facility data.
Who's at risk
Energy and building facility managers operating Schneider Electric EcoStruxure Building Operation software for HVAC, lighting, access control, and facility automation. Affects any deployment of Enterprise Server, Enterprise Central, or Workstation components across versions 5.x, 6.x, and 7.x.
How it could be exploited
An attacker on the BMS network could exploit these vulnerabilities to steal credentials from the EBO application, then use those credentials to gain unauthorized access and execute commands within the building management environment.
Prerequisites
  • Network access to the EcoStruxure Building Operation software
  • Presence on the internal BMS network
  • Low privileges or user interaction (based on CVSS PR:L/UI:R rating)
  • Remotely exploitable from BMS network
  • Low authentication complexity
  • Affects building control and facility management systems
  • Multiple versions affected requiring coordinated patching
Exploitability
Unlikely to be exploited — EPSS score 0.0%
Affected products (9)
9 with fix
Product                                                     Affected Versions        Fix Status
EcoStruxure™ Building Operation Enterprise Server All 7.x   ≥ 7.x|<7.0.2.348         7.0.2.348
EcoStruxure™ Building Operation Enterprise Server All 6.x   ≥ 6.x|<6.0.4.10001CP8    7.0.2.348
EcoStruxure™ Building Operation Enterprise Server All 5.x   ≥ 5.x|<5.0.3.17009CP16   7.0.2.348
EcoStruxure™ Building Operation Enterprise Central All 7.x  ≥ 7.x|<7.0.2.348         7.0.2.348
EcoStruxure™ Building Operation Enterprise Central All 6.x  ≥ 6.x|<6.0.4.10001CP8    7.0.2.348
EcoStruxure™ Building Operation Enterprise Central All 5.x  ≥ 5.x|<5.0.3.17009CP16   7.0.2.348
EcoStruxure™ Building Operation Workstation All 7.x         ≥ 7.x|<7.0.2.348         7.0.2.348
EcoStruxure™ Building Operation Workstation All 6.x         ≥ 6.x|<6.0.4.10001CP8    7.0.2.348
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the EcoStruxure Building Operation servers to only authorized workstations and management interfaces
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update EcoStruxure Building Operation Enterprise Server to version 7.0.2.348 or version 6.0.4.10001CP8 or version 5.0.3.17009CP16 depending on your current major version
Long-term hardening
HARDENING: Review and apply EBO hardening guidelines from Schneider Electric's official documentation to harden the BMS configuration
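
A version check for the hotfix step above, added here as an example; it is not part of the advisory or of Schneider Electric's tooling. It assumes installed versions are reported as four dotted numbers with an optional CP suffix and that CP numbers order cumulatively; the hostnames and installed versions in the inventory are constructed.

```python
import re

# Fixed versions per major line, taken from the HOTFIX entry in this advisory.
FIXED = {7: "7.0.2.348", 6: "6.0.4.10001CP8", 5: "5.0.3.17009CP16"}

# Assumed format: major.minor.patch.build with an optional "CP<n>" suffix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)(?:CP(\d+))?$", re.IGNORECASE)


def parse_version(text):
    """Return (major, minor, patch, build, cp) or raise ValueError."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised EBO version string: {text!r}")
    # Assumption: a build with no CP suffix sorts before CP1 of the same build.
    return tuple(int(g) if g else 0 for g in m.groups())


def assess(version_text):
    """Classify one installed version as 'fixed', 'vulnerable' or 'unknown'."""
    try:
        installed = parse_version(version_text)
    except ValueError:
        return "unknown"  # needs manual review, never silently passed
    fixed = FIXED.get(installed[0])
    if fixed is None:
        return "unknown"  # major line not listed in this advisory
    # Numeric tuple comparison, so CP9 < CP16 (a string compare gets this wrong).
    return "fixed" if installed >= parse_version(fixed) else "vulnerable"


def report(inventory):
    """Return (host, component, version, status) for every inventory row."""
    return [(host, comp, ver, assess(ver)) for host, comp, ver in inventory]


# Constructed inventory for illustration; hosts and versions are made up.
INVENTORY = [
    ("ebo-es-01", "Enterprise Server", "7.0.2.348"),
    ("ebo-es-02", "Enterprise Server", "6.0.4.10001CP7"),
    ("ebo-ec-01", "Enterprise Central", "5.0.3.17009CP9"),
    ("ebo-ws-07", "Workstation", "6.0.4.10001CP8"),
    ("ebo-ws-09", "Workstation", "v7 (unknown build)"),
]

if __name__ == "__main__":
    for host, comp, ver, status in report(INVENTORY):
        print(f"{host:10} {comp:18} {ver:20} {status}")
```

Rows reported as "unknown" should be checked by hand rather than treated as patched.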