PatchSiren cyber security CVE debrief
CVE-2025-5742 Schneider Electric CVE debrief
CVE-2025-5742 is a medium-severity cross-site scripting issue in Schneider Electric EVLink WallBox. According to the advisory, an authenticated user can modify configuration parameters on the web server in a way that allows improper input handling during page generation. The affected product is listed as EVLink WallBox all versions, and Schneider Electric notes the product has reached end of life with no fix planned. The primary defensive path is to reduce exposure of the device web interface, tighten access control, and move to the replacement product where feasible.
- Vendor
- Schneider Electric
- Product
- EVLink WallBox
- CVSS
- MEDIUM 5.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-06-10
- Original CVE updated
- 2025-07-08
- Advisory published
- 2025-06-10
- Advisory updated
- 2025-07-08
Who should care
Operators and maintainers of Schneider Electric EVLink WallBox deployments, especially teams that manage the device’s web interface on OT/ICS networks. Security teams responsible for segmentation, firewall policy, account hygiene, and lifecycle planning for end-of-life industrial or building-management equipment should also review this advisory.
Technical summary
The advisory describes a CWE-79 cross-site scripting weakness that appears when an authenticated user modifies configuration parameters on the web server. The supplied CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N, which indicates network reachability, low attack complexity, required privileges, required user interaction, and limited confidentiality/integrity impact with no availability impact. The source data names Schneider Electric EVLink WallBox as affected across all versions and states the product is end of life, so remediation is limited to mitigations and replacement planning.
Defensive priority
Medium. The issue is remotely reachable but requires authentication and user interaction, and the affected product is end of life. Prioritize exposure reduction on any deployed EVLink WallBox instance, especially if the web interface is reachable outside a tightly controlled management network.
Recommended defensive actions
- Restrict or block unauthorized access to the device’s HTTP/web management ports using firewall rules and network segmentation.
- Limit access to the web interface to trusted administrative hosts only, and review whether any exposure is broader than necessary.
- Check access logs periodically for unexpected or suspicious configuration changes.
- Use strong unique passwords, do not share credentials, and change passwords periodically.
- Plan migration to the replacement product, EVLink Pro AC, since Schneider Electric states EVLink WallBox is end of life and no fix is planned.
Evidence notes
All factual claims are taken from the supplied CISA CSAF advisory ICSA-25-175-04 and the Schneider Electric security notice SEVD-2025-161-03 referenced in the source corpus. The advisory identifies CVE-2025-5742 as CWE-79 XSS, affecting Schneider Electric EVLink WallBox all versions, with the condition that an authenticated user modifies configuration parameters on the web server. The provided record includes a CVSS 3.1 vector of AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N and lists mitigation guidance plus the replacement product EVLink Pro AC. Published date is 2025-06-10; source modified date is 2025-07-08. The provided data does not list the issue in CISA KEV and does not note ransomware campaign use.
Official resources
-
CVE-2025-5742 CVE record
CVE.org
-
CVE-2025-5742 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Publicly disclosed on 2025-06-10 through CISA/Schneider Electric advisory material, with the source record updated on 2025-07-08. The provided data does not mark the CVE as KEV-listed and does not note ransomware campaign use.