CVE-2025-11739

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

CWE‑502: Deserialization of Untrusted Data vulnerability exists that could cause arbitrary code execution with administrative privileges when a locally authenticated attacker sends a crafted data stream, triggering unsafe deserialization.

CWE	CWE-502
Vendor	schneider electric
Product	ecostruxure™ power monitoring expert (pme)
Published	Mar 10, 2026
Last Updated	Mar 10, 2026

Stay Ahead of the Next One

Get instant alerts for schneider electric ecostruxure™ power monitoring expert (pme)

Be the first to know when new unknown vulnerabilities affecting schneider electric ecostruxure™ power monitoring expert (pme) are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Schneider Electric / EcoStruxure™ Power Monitoring Expert (PME)

Version 2022 Version 2023 Version 2023 R2 Version 2024 Version 2024 R2

Schneider Electric / EcoStruxure™ Power Operation (EPO) Advanced Reporting and Dashboards Module

Version 2022 Version 2024

References

NVD ↗ CVE.org ↗ EPSS Data ↗

download.schneider-electric.com: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-069-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-069-06.pdf