RCE in Schneider Electric Ecostruxure™ It Data Center Expert

CVE-2025-50123

A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote command execution by a privileged account when the server is accessed via a console and through exploitation of the hostname…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.003 (23.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References