CVE-2025-0814

Summary

CWE-20: Improper Input Validation vulnerability exists that could cause Denial-of-Service of the network services running on the product when malicious IEC61850-MMS packets are sent to the device. The core functionality of the breaker remains intact during the attack.

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricEnerlin’X IFE interface (LV434001)All versionsaffected
Schneider ElectricEnerlin’X eIFE (LV851001)All versionsaffected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References