Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx
Priority: Act Now · CVSS 10
Advisory ID: SEVD-2026-013-01
Published: Jan 13, 2026
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Schneider Electric Plant iT/Brewmaxx versions 9.60 and later contain multiple vulnerabilities in the bundled Redis open-source database that allow privilege escalation and remote code execution. The integrated Redis instance accepts unsafe EVAL commands without authentication, allowing an attacker on the network to run arbitrary code on the Application Server, VisuHub, Engineering Workstations, or Workstations with emergency mode functionality. Successful exploitation could alter process parameters, disable safety functions, or stop production operations.
What this means
What could happen
An attacker with network access to Plant iT could execute arbitrary code on your process control servers and workstations, potentially altering production setpoints, disabling alarms, or stopping batch operations.
Who's at risk
This affects process manufacturing environments using ProLeiT Plant iT/Brewmaxx as their process control and MES platform. Specifically, Application Servers running the control logic, VisuHub (visualization/monitoring server), Engineering Workstations where operators configure the system, and Workstations with emergency mode functionality are at risk. Energy and manufacturing sectors with batch or continuous process operations are most impacted.
How it could be exploited
An attacker on your network sends specially crafted Redis commands to the integrated Redis database in Plant iT, leveraging unsafe eval functionality to execute arbitrary code. This bypasses the PLC application and runs directly on the application server or engineering workstation.
Prerequisites
- Network access to Redis port (typically 6379) on Application Server, VisuHub, or Engineering Workstations
- No authentication required (default Redis configuration)
- Plant iT version 9.60 or later
Key facts
- Remotely exploitable
- No authentication required
- Low complexity attack
- CVSS 10 (critical)
- High EPSS score (13.2%)
- Affects process control and MES systems
- Code execution on multiple server types
Exploitability
High exploit probability (EPSS 13.2%)
Affected products (1)
Product                   | Affected Versions | Fix Status
ProLeiT Plant iT/Brewmaxx | ≥ 9.60            | ProLeiT-2025-001
Remediation & Mitigation
Do now
- HOTFIX: Install Patch ProLeiT-2025-001 immediately on all Application Servers, VisuHub instances, Engineering Workstations, and Workstations with emergency mode functionality.
- HOTFIX: After patching, restart all affected Servers and Workstations so that the disabling of the Redis EVAL command takes effect.
- HARDENING: Configure and enforce secure Redis configuration templates in Plant iT system settings as documented in the patch manual.
- HARDENING: Restrict network access to Redis ports (6379) to only authorized Plant iT workstations and servers; implement firewall rules to block external access to these ports.
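One way to check a Redis configuration against the HARDENING items above (no unauthenticated access, a restricted bind interface, EVAL disabled), written here as an added example rather than ProLeiT's or Schneider Electric's code: it assumes the bundled Redis honours the standard redis.conf directives named in the code, and both sample configurations are constructed.

```python
"""Audit a redis.conf against this advisory's HARDENING steps. Added example,
not ProLeiT's code; assumes the bundled Redis honours standard redis.conf
directives (requirepass, bind, protected-mode, rename-command, user)."""

SCRIPTING = ("eval", "evalsha", "script")  # Lua entry points the hotfix disables
EMPTY = ('""', "''")  # how redis.conf spells an empty value

def parse_conf(text):
    """Return (directive, args) pairs; comments are whole lines starting with '#'."""
    entries = []
    for line in (raw.strip() for raw in text.splitlines()):
        if line and not line.startswith("#"):
            parts = line.split()
            entries.append((parts[0].lower(), parts[1:]))
    return entries


def audit_redis_conf(text):
    """Return a list of findings; an empty list means every check passed."""
    entries = parse_conf(text)
    findings = []
    # 1. Authentication: requirepass, or an ACL user carrying a '>password' token.
    has_pass = any(d == "requirepass" and a and a[0] not in EMPTY for d, a in entries) or any(
        d == "user" and any(t.startswith(">") for t in a) for d, a in entries)
    if not has_pass:
        findings.append("no requirepass or ACL password: every network client is trusted")
    # 2. Interfaces: no bind line, or 0.0.0.0 / * / ::, exposes the port to the whole network.
    binds = [addr for d, a in entries if d == "bind" for addr in a]
    if not binds or any(addr in ("0.0.0.0", "*", "::", "-::*") for addr in binds):
        findings.append("bind exposes Redis on all interfaces")
    # 3. protected-mode is the last safety net for an unbound, passwordless instance.
    if any(d == "protected-mode" and a and a[0].lower() == "no" for d, a in entries):
        findings.append("protected-mode is off")
    # 4. Scripting: each command renamed to "" or an ACL rule dropping the @scripting category.
    renamed = {a[0].lower() for d, a in entries
               if d == "rename-command" and len(a) == 2 and a[1] in EMPTY}
    acl_block = any(d == "user" and "-@scripting" in a for d, a in entries)
    findings += [f"{c.upper()} still reachable" for c in SCRIPTING
                 if c not in renamed and not acl_block]
    return findings


# Constructed sample configurations, not taken from any Plant iT installation.
WEAK_CONF = "# listens everywhere, no password, scripting on\nport 6379\nprotected-mode no\n"
HARDENED_CONF = 'bind 127.0.0.1 10.0.5.20\nrequirepass "replace-with-site-secret"\n' + "".join(
    f'rename-command {c.upper()} ""\n' for c in SCRIPTING)

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_redis_conf(conf) or ["OK"])
```

The firewall step (port 6379 reachable only from authorized Plant iT hosts) sits outside redis.conf and is not covered by this check.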