RCE in Schneider Electric Saitel Dp Rtu

CVE-2025-9997

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in a SSH session.

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.005 (39.2th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References