PatchSiren cyber security CVE debrief
CVE-2025-13905 Schneider Electric CVE debrief
CVE-2025-13905 is a high-severity incorrect default permissions issue in Schneider Electric EcoStruxure™ Process Expert. According to the advisory, a local user with normal privileges may modify one or more executable service binaries in the installation folder; when the service restarts, it loads the modified binary, which can lead to privilege escalation via a reverse shell.
- Vendor: Schneider Electric
- Product: EcoStruxure™ Process Expert
- CVSS: HIGH 7.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-01-13
- Original CVE updated: 2026-01-22
- Advisory published: 2026-01-13
- Advisory updated: 2026-01-22
Who should care
Organizations running Schneider Electric EcoStruxure™ Process Expert, especially OT/ICS teams, system administrators, and site operators who allow local user access on affected systems. Environments with shared workstations or broader local account access should pay particular attention.
Technical summary
The supplied CSAF advisory describes CWE-276 (Incorrect Default Permissions) affecting EcoStruxure™ Process Expert. The issue allows a local user with standard privileges to alter executable service binaries in the installation folder. If the service is restarted, the modified binaries may be leveraged for privilege escalation. The supplied CVSS vector is CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H, matching the reported 7.3 HIGH severity.
Defensive priority
High. The vulnerability is local in nature, but it affects a product used in industrial environments and can lead to elevated privileges if an attacker already has local access. Apply the vendor fix or the listed mitigations as soon as practical on any exposed installation.
Recommended defensive actions
- Upgrade to Version 2025 of EcoStruxure™ Process Expert, which the vendor states includes a fix for this vulnerability.
- Until the fix can be applied, use application whitelisting at the system level so that only authenticated applications are allowed to execute.
- Restrict access to the system to only the required users.
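The weakness described in the technical summary is a file-system permission problem: if a standard user holds write or modify rights on a service executable (or on the folder that contains it), the binary can be replaced and will run with the service account's privileges on the next restart. The following PowerShell audit is an added example, not code from the advisory, CISA or Schneider Electric. It reads only; it changes no ACLs. The installation path in $InstallRoot is a placeholder that must be replaced with the real EcoStruxure™ Process Expert folder, and the list of "broad" principals is an assumption about which identities represent "a local user with normal privilege" on a typical Windows host.

```powershell
<#
  Added audit example (not vendor or advisory code): report service binaries under
  an installation folder that non-administrative principals can modify.
  $InstallRoot is a placeholder; set it to the real product installation folder.
#>
param(
    [string]$InstallRoot = 'C:\Program Files\PLACEHOLDER_INSTALL_FOLDER'
)

# Rights that allow a standard user to replace, alter, or re-permission an executable.
$writeMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl -bor
             [System.Security.AccessControl.FileSystemRights]::Delete -bor
             [System.Security.AccessControl.FileSystemRights]::ChangePermissions -bor
             [System.Security.AccessControl.FileSystemRights]::TakeOwnership

# Assumed set of identities that any local user with normal privilege belongs to.
$broadPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

function Test-WeakExecutableAcl {
    # Emits one record per Allow ACE that grants a broad principal write-class rights.
    param([Parameter(Mandatory)][string]$Path)
    $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($broadPrincipals -notcontains $ace.IdentityReference.Value) { continue }
        if (($ace.FileSystemRights -band $writeMask) -ne 0) {
            [pscustomobject]@{
                Path      = $Path
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

# 1. Which Windows services launch a binary from the installation folder, and as whom?
$services = Get-CimInstance Win32_Service |
    Where-Object { $_.PathName -and $_.PathName -like "*$InstallRoot*" } |
    Select-Object Name, StartName, StartMode, State, PathName

# 2. Check the folder itself (write access on the directory permits renaming or
#    replacing files in it) and every .exe/.dll beneath it.
$findings = @(
    Test-WeakExecutableAcl -Path $InstallRoot
    Get-ChildItem -LiteralPath $InstallRoot -Recurse -File -Include *.exe, *.dll -ErrorAction SilentlyContinue |
        ForEach-Object { Test-WeakExecutableAcl -Path $_.FullName }
)

"Services launched from ${InstallRoot}:"
$services | Format-Table -AutoSize

if ($findings.Count -eq 0) {
    "No write-class access for broad principals found under $InstallRoot."
} else {
    "Executables or directories writable by non-administrative principals:"
    $findings | Format-Table -AutoSize
}
```

Run it in an elevated session so every file's ACL is readable. Under a default Program Files tree, the ACEs inherited from the parent grant Users only read and execute, so any finding with Inherited equal to False points at an explicit, weakened ACL on the product's own files, which is the condition the advisory describes. The service table shows which of those binaries actually run as a privileged account (StartName) and therefore matter most for the restart-time escalation path; the output is a useful baseline to re-run after upgrading to Version 2025.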
Evidence notes
The source corpus is the CISA CSAF advisory ICSA-26-022-01 for Schneider Electric. It explicitly states: "CWE-276 : Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart." The revision history shows an initial release on 2026-01-13 and a CISA republication on 2026-01-22 based on Schneider Electric advisory SEVD-2026-013-02.
Official resources
- CVE-2025-13905 CVE record (CVE.org)
- CVE-2025-13905 NVD detail (NVD)
- Source item URL (cisa_csaf)
CVE published 2026-01-13T08:00:00.000Z and last modified 2026-01-22T17:29:46.950Z. The supplied source item matches those dates and records a CISA republication on 2026-01-22 of Schneider Electric advisory SEVD-2026-013-02.