OTPulse

Multiple Vulnerabilities on EcoStruxure Power Build Rapsody

Plan Patch | 7.8 | SEVD-2026-013-04 | Jan 13, 2026
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

EcoStruxure Power Build Rapsody is vulnerable to heap-based and stack-based buffer overflow attacks (CWE-415, CWE-416) that could lead to memory corruption. The vulnerability exists in versions ES 2.8.5 and prior, FR 2.8.1 and prior, INT 2.8.6 and prior, BEL(NL) 2.8.3 and prior, BEL(FR) 2.8.8 and prior, PT 2.8.7 and prior, and NL 2.8.2 and prior. The software is used to enter or import single-line diagrams and generate bills of material for switchboard configuration. Local attackers who can provide malformed input to the application during file import or diagram processing could potentially execute arbitrary code.

What this means
What could happen
Buffer overflow vulnerabilities in EcoStruxure Power Build Rapsody could allow an attacker with local access to execute arbitrary code on the engineering workstation, potentially compromising the integrity of electrical system designs and bills of material used in switchboard configuration.
Who's at risk
Electrical utilities and energy companies using EcoStruxure Power Build Rapsody for switchboard design and bill of material generation should update immediately. This software is used by electrical engineers and technicians to create and manage single-line diagrams and component lists, making engineering workstations the primary target.
How it could be exploited
An attacker with local access to a machine running EcoStruxure Power Build Rapsody could trigger a heap-based or stack-based buffer overflow by providing malformed input (e.g., crafted single-line diagram files or bill of material data) when the application processes or imports design files. This could result in arbitrary code execution with the privileges of the user running the application.
Prerequisites
  • Local access to the engineering workstation running EcoStruxure Power Build Rapsody
  • Ability to provide input to the application (file import, diagram entry, or data import)
  • User interaction required to process the malicious input
  • Local exploitation only
  • User interaction required
  • No authentication bypass
  • Memory corruption vulnerabilities
  • Affects engineering/design tools, not PLCs directly
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (12)
12 with fix
Product | Affected Versions | Fix Status
EcoStruxure Power Build Rapsody software ES 2.8.5 and prior | ≤ 2.8.5 ES | 2.8.1.0401 FR
EcoStruxure Power Build Rapsody software FR 2.8.1 and prior | ≤ 2.8.1 FR | 2.8.1.0401 FR
EcoStruxure Power Build Rapsody software INT 2.8.6 and prior | ≤ 2.8.6 INT | 2.8.1.0401 FR
EcoStruxure Power Build Rapsody software BEL(NL) 2.8.3 and prior | ≤ 2.8.3 BEL(NL) | 2.8.1.0401 FR
EcoStruxure Power Build Rapsody software BEL(FR) 2.8.8 and prior | ≤ 2.8.8 BEL(FR) | 2.8.1.0401 FR
EcoStruxure Power Build Rapsody software FR 2.8.1.0300 and prior | ≤ 2.8.1.0300 FR | 2.8.1.0401 FR
EcoStruxure Power Build Rapsody software ES 2.8.5.0200 and prior | ≤ 2.8.5.0200 ES | 2.8.1.0401 FR
EcoStruxure Power Build Rapsody software PT 2.8.7.0100 and prior | ≤ 2.8.7.0100 PT | 2.8.1.0401 FR
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update EcoStruxure Power Build Rapsody to the patched version matching your locale: FR V2.8.1.0401, INT V2.8.6.200, ES V2.8.5.0301, PT V2.8.7.0101, INT(EN) V2.8.4.0401, NL V2.8.2.000, or contact Schneider Electric Customer Care for BEL(NL) V2.8.3.0201 and BEL(FR) V2.8.8.0201
HOTFIX: Restart the EcoStruxure Power Build Rapsody service after installing the updated version
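
An added example (not from the advisory or from Schneider Electric): a triage helper that checks an inventory of installed Rapsody versions against the fixed versions listed in the hotfix step above. The locale keys, the inventory rows and hostnames, and the VERIFY rule for versions reported without a build segment are assumptions.

```python
# Fixed versions per locale, copied from the HOTFIX line of this advisory.
FIXED = {
    "FR": "2.8.1.0401", "INT": "2.8.6.200", "ES": "2.8.5.0301",
    "PT": "2.8.7.0101", "INT(EN)": "2.8.4.0401", "NL": "2.8.2.000",
    "BEL(NL)": "2.8.3.0201", "BEL(FR)": "2.8.8.0201",
}

def parse(version):
    """'V2.8.5.0301' -> (2, 8, 5, 301); raises ValueError on non-numeric parts."""
    return tuple(int(p) for p in version.strip().lstrip("Vv").split("."))

def status(locale, installed):
    """Return 'PATCHED', 'UPDATE' or 'VERIFY' for one installation."""
    if locale not in FIXED:
        return "VERIFY"                      # locale not listed in the advisory
    try:
        have, need = parse(installed), parse(FIXED[locale])
    except ValueError:
        return "VERIFY"                      # unparseable version string
    # Assumption: a version reported without its build segment (e.g. '2.8.2')
    # cannot be shown to include the fix when it only matches the fixed
    # version's prefix, so it is sent for manual verification.
    if len(have) < len(need) and have == need[:len(have)]:
        return "VERIFY"
    width = max(len(have), len(need))
    pad = lambda t: t + (0,) * (width - len(t))
    return "PATCHED" if pad(have) >= pad(need) else "UPDATE"

def triage(inventory):
    """Map each (host, locale, version) row to its status."""
    return {host: status(locale, ver) for host, locale, ver in inventory}

# Constructed inventory for illustration; hostnames are hypothetical.
SAMPLE = [
    ("eng-ws-01", "FR", "2.8.1.0300"),
    ("eng-ws-02", "ES", "V2.8.5.0301"),
    ("eng-ws-03", "NL", "2.8.2"),
    ("eng-ws-04", "INT", "2.8.5"),
    ("eng-ws-05", "PT", "2.8.7.0100"),
]

if __name__ == "__main__":
    for host, result in triage(SAMPLE).items():
        print(f"{host}: {result}")
```
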
Long-term hardening
HARDENING: Restrict local access to engineering workstations running EcoStruxure Power Build Rapsody to authorized personnel only
HARDENING: Implement file integrity monitoring on design files and bill of material imports to detect unauthorized modifications