PatchSiren cyber security CVE debrief
CVE-2025-50122 Schneider Electric CVE debrief
CVE-2025-50122 is a high-severity issue in Schneider Electric EcoStruxure IT Data Center Expert version 8.3 and earlier. According to the advisory, access to installation or upgrade artifacts could enable reverse engineering of the password generation algorithm and lead to root password discovery.
- Vendor: Schneider Electric
- Product: EcoStruxure™ IT Data Center Expert
- CVSS: HIGH 8.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-07-08
- Original CVE updated: 2025-07-08
- Advisory published: 2025-07-08
- Advisory updated: 2025-07-08
Who should care
Organizations running Schneider Electric EcoStruxure IT Data Center Expert, especially administrators, OT/IT operations teams, and security teams responsible for system images, installers, or upgrade artifacts.
Technical summary
The advisory identifies a CWE-331 insufficient entropy weakness. The risk scenario described is that, if an attacker obtains installation or upgrade artifacts, they may be able to reverse engineer the password generation algorithm and discover the root password. CISA’s CSAF records the affected product as EcoStruxure IT Data Center Expert version 8.3 and prior, with a CVSS v3.1 score of 8.3 and vector AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H.
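As an added illustration of the CWE-331 pattern the advisory describes (constructed for this debrief; it is not Schneider Electric's code and not the actual Data Center Expert algorithm, which the advisory does not disclose): a generator that derives the root password from a seed shipped inside the installation artifact produces the same password on every install, so anyone holding the artifact can reproduce it, whereas a CSPRNG-backed generator gives each install its own password. The entropy helper measures the distinct values actually observed, which is what matters for a defender judging exposure.

```python
import hashlib
import math
import secrets
import string

ALPHABET = string.ascii_letters + string.digits

# Constructed example of the weak pattern: the "secret" input is a constant
# that ships inside the installation/upgrade artifact, so it is not secret.
ARTIFACT_SEED = b"build-2025-image-seed"  # hypothetical placeholder value


def weak_root_password(seed: bytes = ARTIFACT_SEED, length: int = 16) -> str:
    """CWE-331 style: deterministic derivation from material in the artifact."""
    digest = hashlib.sha256(seed).digest()
    # Same seed -> same digest -> same password on every install.
    return "".join(ALPHABET[b % len(ALPHABET)] for b in digest[:length])


def strong_root_password(length: int = 16) -> str:
    """Hardened form: per-install randomness drawn from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def effective_entropy_bits(passwords: list) -> float:
    """Shannon entropy (bits) of the passwords actually observed.

    A generator whose output depends only on shipped artifact material yields
    one distinct value, i.e. 0 bits, however long the password looks.
    """
    counts = {}
    for p in passwords:
        counts[p] = counts.get(p, 0) + 1
    n = len(passwords)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def nominal_entropy_bits(length: int = 16) -> float:
    """Entropy a uniformly random password of this length over ALPHABET offers."""
    return length * math.log2(len(ALPHABET))


if __name__ == "__main__":
    weak = [weak_root_password() for _ in range(1000)]
    strong = [strong_root_password() for _ in range(1000)]
    print("weak observed entropy  :", effective_entropy_bits(weak))
    print("strong observed entropy:", effective_entropy_bits(strong))
    print("nominal entropy        :", nominal_entropy_bits())
```

The observed figure for the weak generator is 0 bits regardless of how many installs are sampled; the strong generator's observed figure grows with the sample size because every install receives a distinct value.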
Defensive priority
High. This affects a privileged credential and the vendor states a fix is available. Systems using the affected product should be prioritized for upgrade and hardening, especially where installation or upgrade artifacts are stored or accessible.
Recommended defensive actions
- Upgrade to EcoStruxure IT Data Center Expert version 9.0, which Schneider Electric states includes fixes, and obtain it through the Customer Care Center.
- If immediate upgrade is not possible, apply the vendor-referenced hardening guidance in the EcoStruxure IT Data Center Expert Security Handbook.
- Restrict access to installation and upgrade artifacts and review where those artifacts are stored, copied, or archived.
- Audit for unexpected administrative access or credential exposure, and rotate impacted credentials if exposure is suspected.
- Follow CISA industrial control system recommended practices and defense-in-depth guidance for layered protection.
Evidence notes
All substantive claims are drawn from the supplied CISA CSAF advisory record for ICSA-25-203-06 and its Schneider Electric references. The advisory text states the issue is CWE-331 insufficient entropy, may allow root password discovery via reverse engineering of installation or upgrade artifacts, affects version 8.3 and prior, and is fixed in version 9.0. CVSS and timing come from the supplied record and timeline fields.
Official resources
- CVE-2025-50122 CVE record (CVE.org)
- CVE-2025-50122 NVD detail (NVD)
- Source item URL: cisa_csaf
Published and modified on 2025-07-08 UTC per the supplied timeline. The source advisory is identified as CISA CSAF original release 1.0.0 for ICSA-25-203-06.