Improper Input Validation in Schneider Electric Device
CVE-2025-0816

7.1HIGH

Key Information:

Vendor: Schneider Electric
Status: Enerlin’x Ife Interface (lv434001); Enerlin’x Eife (lv851001)
Vendor: CVE Published:; 13 February 2025

Summary

An improper input validation vulnerability has been identified in Schneider Electric network devices. This flaw could be exploited by sending malicious IPV6 packets to the device, potentially resulting in a Denial-of-Service condition. Organizations using these devices should take preemptive measures to mitigate the risk associated with this vulnerability.

Affected Version(s)

Enerlin’X eIFE (LV851001) All versions

Enerlin’X IFE interface (LV434001) All versions

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Feb 13, 2025
Vulnerability Reserved
Jan 28, 2025