CVE-2025-0815 HIGH

CVE-2025-0815

Vendor Schneider Electric

Product Enerlin’X IFE interface (LV434001)

Weakness CWE-20 · Input validation

Published February 13, 2025

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

7.1/10

Attack vector Adjacent

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

CWE-20: Improper Input Validation vulnerability exists that could cause Denial-of-Service of the product when malicious ICMPV6 packets are sent to the device.

Key dates

02Disclosure timeline

February 13, 2025 CVE published

February 13, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-0815

Related vulnerabilities

Identifiers

CVE CVE-2025-0815

CWE CWE-20

CVSS 7.1 / HIGH

Affected versions

Vendor Schneider Electric

Product Enerlin’X IFE interface (LV434001)

Affected All versions

Vendor Schneider Electric

Product Enerlin’X eIFE (LV851001)

Affected All versions

CVE-2025-0815

01Description

02Disclosure timeline

03References

04Related CVE