VYPR

Ecostruxure Power Build Rapsody

by Schneider Electric

CVEs (4)

  • CVE-2025-13845HigJan 15, 2026
    risk 0.51cvss 7.8epss 0.00

    CWE-416: Use After Free vulnerability that could cause remote code execution when the end user imports the malicious project file (SSD file) into Rapsody.

  • CVE-2025-13844Jan 15, 2026
    risk 0.00cvss epss 0.00

    CWE-415: Double Free vulnerability exists that could cause heap memory corruption when the end user imports a malicious project file (SSD file) shared by the attacker into Rapsody.

  • CVE-2021-22698Jan 25, 2021
    risk 0.00cvss epss 0.04

    A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is…

  • CVE-2021-22697Jan 25, 2021
    risk 0.00cvss epss 0.03

    A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and…