CVE-2025-11566

Vulnerability Description

CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker on the local network to gain access to the user account by performing an arbitrary number of authentication attempts with different credentials on the /REST/shutdownnow endpoint.

Related Weaknesses (CWE)

CWE-307

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-315-01&p_enDoc

FAQ

What is CVE-2025-11566?

CVE-2025-11566 is a documented vulnerability. CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker on the local network to gain access to the user account by performing an arbitrary ...

How severe is CVE-2025-11566?

CVSS scoring is not yet available for CVE-2025-11566. Check NVD for updates.

Is there a patch for CVE-2025-11566?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.