5.3
CVE-2025-6788
- EPSS 0.06%
- Published 11.07.2025 11:09:35
- Last modified 15.07.2025 13:14:49
- Source cybersecurity@se.com
- Teams watchlist Login
- Open Login
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that exposes TGML diagram resources to the wrong control sphere, providing other authenticated users with potentially inappropriate access to TGML diagrams.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorSchneider Electric
≫
Product
EcoStruxure™ Power Monitoring Expert
Default Statusunaffected
Version <
All
Version
2023
Status
affected
Version <
All
Version
2023 R2
Status
affected
Version <
All
Version
2024
Status
affected
Version <
All
Version
2024 R2
Status
affected
VendorSchneider Electric
≫
Product
EcoStruxure™ Power Operation Advanced Reporting and Dashboards Module
Default Statusunaffected
Version <
All
Version
2022 w/ Advanced Reporting Module
Status
affected
Version <
All
Version
2024 w/ Advanced Reporting Module
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.199 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| cybersecurity@se.com | 5.3 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.