CVE-2025-8448

Vulnerability Description

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products.

Related Weaknesses (CWE)

CWE-200

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-224-04&p_enDoc

FAQ

What is CVE-2025-8448?

CVE-2025-8448 is a documented vulnerability. CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB...

How severe is CVE-2025-8448?

CVSS scoring is not yet available for CVE-2025-8448. Check NVD for updates.

Is there a patch for CVE-2025-8448?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.