Schneider Electric EcoStruxure

Monitor4.5ICS-CERT ICSA-25-254-08Aug 12, 2025

Attack VectorAdjacent

Auth RequiredLow

ComplexityHigh

User InteractionRequired

Summary

Multiple vulnerabilities in EcoStruxure™ Building Operation (EBO) Enterprise Server, Enterprise Central, and Workstation software affect all 5.x, 6.x, and 7.x versions. The vulnerabilities include resource exhaustion (CWE-400) and information disclosure (CWE-200). Failure to patch may result in credential theft, unauthorized access, remote code execution from within the BMS network, data breaches, and operational disruptions to facility management and control systems.

What this means

What could happen

An attacker with local network access and limited user credentials could exhaust system resources or access sensitive data, potentially leading to denial of service of the building management system or unauthorized access to facility controls.

Who's at risk

Building automation and facility management operators using Schneider Electric EcoStruxure™ Building Operation systems. This affects enterprises managing HVAC, lighting, access control, and other facility systems through the EBO platform across all supported versions (5.x, 6.x, 7.x).

How it could be exploited

An attacker on the building management network with low-privilege user credentials could trigger a resource exhaustion condition (CWE-400) through the EBO application interface, or exploit an information disclosure flaw (CWE-200) to extract sensitive data. User interaction or specific configuration conditions are required, limiting immediate exploitation risk.

Prerequisites

Local/adjacent network access to the EBO server or workstation
Low-privilege user account on the EBO system
User interaction or specific application configuration state

Local network access requiredLow privilege requiredUser interaction neededResource exhaustion possibleInformation disclosure possible

Exploitability

Low exploit probability (EPSS 0.0%)

Affected products (9)

9 with fix

ProductAffected VersionsFix Status

EcoStruxure™ Building Operation Enterprise Server All 7.x≥ 7.x|<7.0.2.3487.0.2.348

EcoStruxure™ Building Operation Enterprise Server All 6.x≥ 6.x|<6.0.4.10001CP87.0.2.348

EcoStruxure™ Building Operation Enterprise Server All 5.x≥ 5.x|<5.0.3.17009CP167.0.2.348

EcoStruxure™ Building Operation Enterprise Central All 7.x≥ 7.x|<7.0.2.3487.0.2.348

EcoStruxure™ Building Operation Enterprise Central All 6.x≥ 6.x|<6.0.4.10001CP87.0.2.348

EcoStruxure™ Building Operation Enterprise Central All 5.x≥ 5.x|<5.0.3.17009CP167.0.2.348

EcoStruxure™ Building Operation Workstation All 7.x≥ 7.x|<7.0.2.3487.0.2.348

EcoStruxure™ Building Operation Workstation All 6.x≥ 6.x|<6.0.4.10001CP87.0.2.348

Remediation & Mitigation

0/4

Schedule — requires maintenance window

0/3

Patching may require device reboot — plan for process interruption

HOTFIXUpdate EcoStruxure™ Building Operation Enterprise Server to version 7.0.2.348 (7.x systems), 6.0.4.10001 CP8 (6.x systems), or 5.0.3.17009 CP16 (5.x systems)

HOTFIXUpdate EcoStruxure™ Building Operation Enterprise Central to version 7.0.2.348 (7.x systems), 6.0.4.10001 CP8 (6.x systems), or 5.0.3.17009 CP16 (5.x systems)

HOTFIXUpdate EcoStruxure™ Building Operation Workstation to version 7.0.2.348 (7.x systems), 6.0.4.10001 CP8 (6.x systems), or 5.0.3.17009 CP16 (5.x systems)

Long-term hardening

0/1

HARDENINGFollow EBO hardening guidelines from Schneider Electric (available in EBO documentation) to reduce attack surface

CVEs (2)

CVE-2025-8449 CVE-2025-8448

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/cf40f47c-2853-4645-a8a4-eaf3806edbf9