OTPulse

Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert

Plan Patch | CVSS 7.3 | SEVD-2026-013-02 | Jan 13, 2026
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: Required
Summary

A vulnerability in EcoStruxure™ Process Expert and EcoStruxure™ Process Expert for AVEVA System Platform allows local users to modify executable binaries due to incorrect default file permissions. This could enable privilege escalation and compromise the integrity of the automation platform used to engineer, operate, and maintain industrial infrastructure. The platform provides asset-centric automation and system-wide deployment of standards across digital ecosystems.

What this means
What could happen
An attacker with local access to an engineering workstation could modify executable files due to incorrect file permissions, allowing them to escalate privileges and potentially gain administrative control over the automation platform and connected industrial processes.
Who's at risk
Energy and manufacturing organizations using EcoStruxure™ Process Expert for automation platform engineering, asset management, and production planning. This affects anyone responsible for maintaining the engineering workstations and control systems that manage plant operations and infrastructure.
How it could be exploited
An attacker with user-level access to a Windows workstation running EcoStruxure™ Process Expert could exploit weak file system permissions to modify executable binaries. This would allow them to inject malicious code that runs with elevated privileges when the application is executed, giving them control over the automation system and any connected equipment or processes.
Prerequisites
  • Local access to the engineering workstation running EcoStruxure™ Process Expert
  • User-level (non-administrative) account on the Windows system
  • Interactive session or ability to trigger application execution
default/weak permissions · privilege escalation possible · affects automation platform integrity · affects engineering workstations
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
EcoStruxure™ Process Expert All Versions | All versions | 2025
EcoStruxure™ Process Expert | <2025 | 2025
Remediation & Mitigation
Do now
EcoStruxure™ Process Expert
HARDENING: Restrict file system permissions on EcoStruxure™ Process Expert installation directories to prevent non-administrative users from modifying executable files and libraries
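
One way to find the condition this hardening step addresses, as an added example that is not from the vendor or the advisory: a PowerShell audit that lists Allow ACEs granting write-type rights on executables and directories to principals other than SYSTEM, Administrators and TrustedInstaller. `$InstallRoot` is a placeholder (the page does not give the installation path), and the trusted-SID list is an assumption to adjust per site.

```powershell
param(
    # Placeholder: set to the real installation directory on the workstation.
    [string]$InstallRoot = 'C:\Path\To\ProcessExpert'
)

# Principals expected to hold write access (well-known SIDs; adjust per site).
$trusted = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Rights that allow replacing or altering a binary, plus the raw
# GENERIC_ALL (0x10000000) and GENERIC_WRITE (0x40000000) bits some ACEs carry.
$writeNames = 'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$writeMask  = [int][System.Security.AccessControl.FileSystemRights]$writeNames -bor 0x50000000
$inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

# Audit the root, every subdirectory, and every executable or library file.
$items = @(Get-Item -LiteralPath $InstallRoot) +
         @(Get-ChildItem -LiteralPath $InstallRoot -Recurse -Force |
           Where-Object { $_.PSIsContainer -or $_.Extension -in '.exe', '.dll', '.sys' })

$findings = foreach ($item in $items) {
    foreach ($ace in (Get-Acl -LiteralPath $item.FullName).Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only ACEs do not apply to the object that carries them.
        if ($ace.PropagationFlags.HasFlag($inheritOnly)) { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }

        # Compare by SID so localized or renamed group names still match.
        try   { $sid = $ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value }
        catch { $sid = $ace.IdentityReference.Value }
        if ($sid -in $trusted) { continue }

        [pscustomobject]@{
            Path      = $item.FullName
            Principal = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

$findings | Sort-Object Path | Format-Table -AutoSize -Wrap
```

Rows marked `Inherited = True` are fixed on the parent directory that defines the ACE rather than on each file; an empty result means no non-trusted principal holds write-type rights on the audited items.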
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

EcoStruxure™ Process Expert
HOTFIX: Upgrade EcoStruxure™ Process Expert to version 2025 or later
Long-term hardening
HARDENING: Limit user accounts with local access to engineering workstations to only those who require it for their role
Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert | CVSS 7.3 - OTPulse