CVE-2025-0327 — HIGH (7.8) — White Hats Nepal

Vulnerability Description

CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit trail data and the other acting as server managing client request) that could cause a loss of Confidentiality, Integrity and Availability of engineering workstation when an attacker with standard privilege modifies the executable path of the windows services. To be exploited, services need to be restarted.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Related Weaknesses (CWE)

CWE-269

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-042-03&p_enDoc

FAQ

What is CVE-2025-0327?

CVE-2025-0327 is a vulnerability with a CVSS score of 7.8 (HIGH). CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit trail data and the other acting as server managing client request) that could cause a loss of ...

How severe is CVE-2025-0327?

CVE-2025-0327 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-0327?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.