PatchSiren cyber security CVE debrief
CVE-2025-0815 Schneider Electric CVE debrief
CVE-2025-0815 is a Medium-severity Schneider Electric issue affecting the Enerlin'X IFE interface and Enerlin'X eIFE, both listed as all versions in the CISA CSAF advisory ICSA-25-079-02. The problem is described as a CWE-20 improper input validation weakness that could allow a denial-of-service condition when malicious ICMPv6 packets are sent to the device. The advisory does not describe a patch in the supplied source item; instead, it recommends reducing exposure through network protection measures. For operators of these devices in industrial or building-automation environments, the main concern is service availability on networks where the products are reachable from untrusted or poorly segmented segments.
- Vendor
- Schneider Electric
- Product
- Enerlin'X IFE interface
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-02-11
- Original CVE updated
- 2025-02-11
- Advisory published
- 2025-02-11
- Advisory updated
- 2025-02-11
Who should care
Schneider Electric customers and operators running Enerlin'X IFE interface or Enerlin'X eIFE devices, especially industrial control, facilities, and OT network teams responsible for network segmentation, firewalling, and access control.
Technical summary
The supplied CSAF advisory maps CVE-2025-0815 to Schneider Electric Enerlin'X IFE interface (LV434001) and Enerlin'X eIFE (LV851001), both affected as all versions. The flaw is classified as CWE-20 improper input validation and is tied to denial of service when malformed or malicious ICMPv6 packets reach the device. The provided CVSS vector is CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating an adjacent-network attack with high availability impact and no confidentiality or integrity impact in the vendor-provided scoring.
Defensive priority
Medium. The issue is network-triggered and can affect availability, but the corpus does not indicate confirmed exploitation, KEV listing, or weaponization. Prioritize exposure reduction on any reachable affected device.
Recommended defensive actions
- Place affected devices only in protected, trusted network environments and avoid exposing them to public internet or untrusted networks.
- Use network segmentation and a firewall to block unauthorized access to ports supported by the product, following the vendor user guide.
- Implement the Access Control List guidance referenced in the Schneider Electric cybersecurity guide and user guide.
- Review the Schneider Electric security notification service to track updates, affected-product details, and remediation guidance.
- Validate whether any Enerlin'X IFE/eIFE assets are reachable from adjacent or untrusted network segments and reduce reachability where possible.
Evidence notes
All key claims are drawn from the supplied CISA CSAF advisory ICSA-25-079-02 and its Schneider Electric references. The advisory states the vulnerability is CWE-20 improper input validation causing DoS via malicious ICMPv6 packets, identifies the affected products as Enerlin'X IFE interface (LV434001) and Enerlin'X eIFE (LV851001) with all versions affected, and lists mitigations focused on protected environments, segmentation, firewalling, and ACLs. The enrichment data shows no KEV listing and no known ransomware campaign use.
Official resources
-
CVE-2025-0815 CVE record
CVE.org
-
CVE-2025-0815 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Published by CISA and Schneider Electric on 2025-02-11 (per the supplied advisory timeline and source metadata). The supplied corpus does not indicate a later revision in this record.