Schneider-Electric Ecostruxure Power Build - Rapsody vulnerabilities
3 known vulnerabilities affecting schneider-electric/ecostruxure_power_build_-_rapsody.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3
Vulnerabilities
Page 1 of 1
CVE-2025-13844HIGHCVSS 8.4≤ 2.8.1≤ 2.8.3+3 more2026-01-15
CVE-2025-13844 [HIGH] CWE-415 CVE-2025-13844: CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user
CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody.
nvd
CVE-2021-22697HIGHCVSS 7.8≤ 2.1.132021-01-26
CVE-2021-22697 [HIGH] CWE-434 CVE-2021-22697: A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure P
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.
nvd
CVE-2021-22698HIGHCVSS 7.8≤ 2.1.132021-01-26
CVE-2021-22698 [HIGH] CWE-434 CVE-2021-22698: A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure P
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.
nvd