CVE-2025-13905
Unknown Unknown - Not Provided
Incorrect Default Permissions in Service Binaries Allow Privilege Escalation

Publication date: 2026-01-29

Last updated on: 2026-01-29

Assigner: Schneider Electric SE

Description
CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-29
Last Modified
2026-01-29
Generated
2026-06-17
AI Q&A
2026-01-29
EPSS Evaluated
2026-06-15
NVD
CVE-2025-13905
EUVD
EUVD-2025-206546
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
schneider_electric ecostruxure_process_expert to 2025 (exc)
schneider_electric ecostruxure_process_expert_for_aveva_system_platform *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-276 During installation, installed file permissions are set to allow anyone to modify those files.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an Incorrect Default Permissions issue (CWE-276) in Schneider Electric's EcoStruxure Process Expert products. It allows a local user with normal privileges to modify executable service binaries in the installation folder. When the affected service restarts, this modification can lead to privilege escalation through a reverse shell exploit, effectively giving the attacker higher-level access. [1]

Impact Analysis

The vulnerability can lead to privilege escalation, allowing an attacker with normal user privileges to gain higher-level access to the system. This can result in a reverse shell exploit, compromising confidentiality, integrity, and availability of the affected system. Such an exploit could allow unauthorized control over the system, potentially disrupting operations or exposing sensitive data. [1]

Detection Guidance

The provided resources do not include specific commands or detailed detection methods for identifying this vulnerability on your network or system. General recommendations include scanning for modified executable service binaries in the installation folder and monitoring for unauthorized privilege escalations, but no explicit commands are given. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading to EcoStruxureβ„’ Process Expert version 2025, which contains the fix. For EcoStruxureβ„’ Process Expert for AVEVA System Platform, apply application whitelisting to allow only authenticated applications and restrict system access to necessary users. Additional recommendations include isolating control and safety networks behind firewalls, implementing physical security controls, locking controllers, avoiding unauthorized network connections, scanning removable media, minimizing network exposure, and using secure remote access methods such as VPNs. [1]

Compliance Impact

The provided resources do not explicitly address how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-13905. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart