CVE-2025-13957

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default.

CWE	CWE-798
Vendor	schneider electric
Product	ecostruxure™ it data center expert (formerly known as struxureware data center expert)
Published	Mar 10, 2026
Last Updated	Mar 10, 2026

Stay Ahead of the Next One

Get instant alerts for schneider electric ecostruxure™ it data center expert (formerly known as struxureware data center expert)

Be the first to know when new unknown vulnerabilities affecting schneider electric ecostruxure™ it data center expert (formerly known as struxureware data center expert) are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Schneider Electric / EcoStruxure™ IT Data Center Expert (Formerly known as StruxureWare Data Center Expert)

v9.0 and prior

References

NVD ↗ CVE.org ↗ EPSS Data ↗

download.schneider-electric.com: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-069-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-069-05.pdf