PatchSiren cyber security CVE debrief
CVE-2025-2223 Schneider Electric CVE debrief
CVE-2025-2223 affects Schneider Electric ConneXium Network Manager. According to the CISA CSAF advisory and Schneider Electric security notice, a malicious project file loaded by a user from the local system can trigger improper input validation and potentially impact the confidentiality, integrity, and availability of the engineering workstation. Schneider Electric also states the product has reached end of life, so the practical focus is on trusted-file handling, integrity checks, secure storage and transfer, and workstation/network hardening.
- Vendor
- Schneider Electric
- Product
- ConneXium Network Manager
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-04-08
- Original CVE updated
- 2025-04-08
- Advisory published
- 2025-04-08
- Advisory updated
- 2025-04-08
Who should care
OT and ICS teams that operate or support Schneider Electric ConneXium Network Manager, especially engineering workstation owners, plant operators, OT administrators, and security teams responsible for project-file handling and workstation hardening.
Technical summary
The advisory describes a CWE-20 improper input validation issue in Schneider Electric ConneXium Network Manager. The supplied CVSS vector is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating a local vector that requires user interaction. The described attack condition is a malicious project file loaded from the local system, which could lead to loss of confidentiality, integrity, and availability on the engineering workstation. The affected product entry lists Schneider Electric ConneXium Network Manager all versions.
Defensive priority
High. The issue can affect engineering workstations and the vendor identifies the product as end of life, so organizations should prioritize verification of project files, containment of file exchange paths, and migration planning where the product remains in use.
Recommended defensive actions
- Only open project files received from a trusted source.
- Compute and regularly verify cryptographic hashes for project files before use.
- Encrypt stored project files and restrict access to trusted users only.
- Use secure communication protocols when exchanging project files over the network.
- Follow workstation, network, and site-hardening guidance from Schneider Electric and CISA.
- Plan for replacement or migration because the product is reported as end of life and no longer supported.
Evidence notes
Source evidence comes from the CISA CSAF advisory ICSA-25-107-03 and Schneider Electric security notice SEVD-2025-098-01. Those sources identify CVE-2025-2223, the impacted product as Schneider Electric ConneXium Network Manager all versions, the flaw as CWE-20 improper input validation, the impact as potential loss of confidentiality, integrity, and availability on an engineering workstation, and the vendor remediation guidance including trusted-file handling, hash verification, encryption, secure transfer, and hardening. The supplied CVSS vector is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Official resources
-
CVE-2025-2223 CVE record
CVE.org
-
CVE-2025-2223 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Published by CISA and Schneider Electric on 2025-04-08. The supplied enrichment does not mark the issue as KEV-listed.