PatchSiren cyber security CVE debrief
CVE-2025-46817 Schneider Electric CVE debrief
CVE-2025-46817 is a high-severity Schneider Electric issue affecting ProLeiT Plant iT/Brewmaxx. The supplied CVSS vector (AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) indicates a local attack path with low privileges and no user interaction, but with high impact if exploited. Schneider Electric's Patch ProLeiT-2025-001 reduces risk by disabling Redis eval commands on affected components, enforcing secure Redis templates, and requiring a restart of patched servers and workstations.
- Vendor: Schneider Electric
- Product: ProLeiT
- CVSS: HIGH 7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-01-13
- Original CVE updated: 2026-03-24
- Advisory published: 2026-01-13
- Advisory updated: 2026-03-24
Who should care
Schneider Electric ProLeiT Plant iT/Brewmaxx operators, OT/ICS administrators, integrators, and support teams responsible for Application Server, VisuHub, Engineering Workstations, or workstations with emergency-mode functionality.
Technical summary
The supplied advisory data ties CVE-2025-46817 to Schneider Electric ProLeiT Plant iT/Brewmaxx (vers:intdot/>=9.60) and the vendor patch ProLeiT-2025-001. The remediation text says the patch reduces exploit risk by disabling Redis eval commands on the Application Server, VisuHub, Engineering Workstations, and workstations with emergency-mode functionality, and by forcing secure Redis configuration templates. The CVSS 3.1 vector (AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) suggests the issue requires local access and low privileges, but can still lead to high confidentiality, integrity, and availability impact.
Defensive priority
High. Patch affected systems as soon as operationally feasible, especially in shared OT environments where local access is possible. Because the vendor fix is available and the impact is rated high, defer patching only as long as it takes to schedule coordinated maintenance where plant uptime must be preserved.
Recommended defensive actions
- Apply Patch ProLeiT-2025-001 from ProLeiT Support to all affected installations.
- Disable Redis eval commands on the Application Server, VisuHub, Engineering Workstations, and any workstation with emergency-mode functionality, as directed by the vendor patch.
- Force the secure Redis configuration templates in system settings exactly as documented in the patch manual.
- Restart all patched servers and workstations after deployment, then verify the patched configuration is active.
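For the verification step in the last action, one way to audit a Redis configuration file for EVAL-family commands that remain callable. This is an added example, not Schneider Electric or ProLeiT tooling; it assumes the commands are disabled with Redis's `rename-command NAME ""` directive or with ACL `user` rules, and the function name and sample configurations are constructed. The patch manual remains the authority on what the secure templates contain.

```python
import shlex

EVAL_COMMANDS = {"eval", "evalsha", "eval_ro", "evalsha_ro"}

def eval_exposure(conf_text):
    """Map each ACL user to the EVAL-family commands a redis.conf leaves callable."""
    removed = set()                          # disabled via: rename-command NAME ""
    users = {"default": set(EVAL_COMMANDS)}  # with no `user` line, default has +@all
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tok = shlex.split(line)
        key = tok[0].lower()
        if key == "rename-command" and len(tok) == 3 and tok[2] == "":
            removed.add(tok[1].lower())      # a non-empty new name does not disable
        elif key == "user" and len(tok) >= 2:
            allowed = set()                  # each `user` line starts from no commands
            for rule in (t.lower() for t in tok[2:]):   # rules apply left to right
                if rule in ("-@all", "nocommands", "-@scripting"):
                    allowed.clear()
                elif rule == "allcommands" or rule.startswith("+@"):
                    # Conservative: any granted category may contain EVAL commands,
                    # so this can over-report but should not under-report.
                    allowed |= EVAL_COMMANDS
                elif rule[:1] in ("+", "-") and rule[1:] in EVAL_COMMANDS:
                    (allowed.add if rule[0] == "+" else allowed.discard)(rule[1:])
            users[tok[1]] = allowed
    return {u: sorted(a - removed) for u, a in users.items() if a - removed}

# Constructed sample configurations (not taken from the vendor templates).
UNPATCHED = 'bind 127.0.0.1\nrequirepass example\n'
PARTIAL = 'rename-command EVAL ""\n'
HARDENED_RENAME = "\n".join(f'rename-command {c.upper()} ""' for c in sorted(EVAL_COMMANDS))
HARDENED_ACL = "user default on >example ~* +@all -@scripting\n"
REGRANTED = "user svc on >example ~* +@all -@scripting +eval\n"

if __name__ == "__main__":
    for name in ("UNPATCHED", "PARTIAL", "HARDENED_RENAME", "HARDENED_ACL", "REGRANTED"):
        print(name, eval_exposure(globals()[name]) or "no EVAL commands callable")
```

An empty result means no user can call an EVAL-family command according to the file; run it against the configuration the restarted service actually loads, since `include` files and runtime `ACL SETUSER` changes are not covered.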
Evidence notes
CISA's CSAF advisory ICSA-26-083-03 for CVE-2025-46817 was published on 2026-01-13 and republished on 2026-03-24 with Schneider Electric CPCERT SEVD-2026-013-01 content. The source metadata names the affected product family as Schneider Electric ProLeiT Plant iT/Brewmaxx and includes the vendor remediation text for Patch ProLeiT-2025-001. No exploit code or unsupported attack details are included here.
Official resources
- CVE-2025-46817 CVE record (CVE.org)
- CVE-2025-46817 NVD detail (NVD)
- Source item URL (cisa_csaf)
Publicly disclosed in CISA ICS advisory ICSA-26-083-03 on 2026-01-13; CISA republished the Schneider Electric CPCERT SEVD-2026-013-01 advisory content on 2026-03-24.