High severity7.8NVD Advisory· Published Jan 15, 2026· Updated Apr 27, 2026
CVE-2025-13845
CVE-2025-13845
Description
CWE-416: Use After Free vulnerability that could cause remote code execution when the end user imports the malicious project file (SSD file) into Rapsody.
Affected products
7cpe:2.3:a:schneider-electric:ecostruxure_power_build_-_rapsody:*:*:*:*:bel_en:*:*:*+ 6 more
- cpe:2.3:a:schneider-electric:ecostruxure_power_build_-_rapsody:*:*:*:*:bel_en:*:*:*range: <=2.8.3.0100
- cpe:2.3:a:schneider-electric:ecostruxure_power_build_-_rapsody:*:*:*:*:bel_fr:*:*:*range: <=2.8.8.0100
- cpe:2.3:a:schneider-electric:ecostruxure_power_build_-_rapsody:*:*:*:*:esp:*:*:*range: <=2.8.5.0200
- cpe:2.3:a:schneider-electric:ecostruxure_power_build_-_rapsody:*:*:*:*:fr:*:*:*range: <=2.8.1.0300
- cpe:2.3:a:schneider-electric:ecostruxure_power_build_-_rapsody:*:*:*:*:int_en:*:*:*range: <=2.8.4.0300
- cpe:2.3:a:schneider-electric:ecostruxure_power_build_-_rapsody:*:*:*:*:nl:*:*:*range: <=2.8.2.0000
- cpe:2.3:a:schneider-electric:ecostruxure_power_build_-_rapsody:*:*:*:*:pt:*:*:*range: <=2.8.7.0100
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- download.schneider-electric.com/filesnvdVendor Advisory
News mentions
0No linked articles in our index yet.