Improper Privilege Management in Schneider Electric Products
CVE-2025-8453

8.4 HIGH

What is CVE-2025-8453?

A vulnerability exists in various Schneider Electric products due to improper privilege management. This flaw enables a privileged engineer with console access to modify critical configuration files. When such modifications occur, they can lead to privilege escalation and arbitrary code execution by root-level daemons executing custom scripts. This poses a significant risk as unauthorized actions can be performed within the system, compromising its integrity and security.

Affected Version(s)

Saitel DP RTU Versions 11.06.34 and prior

Saitel DR RTU Versions 11.06.29 and prior

CVSS V4

Score: 8.4
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
