Schneider Electric Plant iT/Brewmaxx
View CSAF: https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-083-03.json

Summary

Successful exploitation of these vulnerabilities could risk privilege escalation, which could result in remote code execution.

The following versions of Schneider Electric Plant iT/Brewmaxx are affected:

- Plant iT/Brewmaxx 9.60_and_above (CVE-2025-49844, CVE-2025-46817, CVE-2025-46818, CVE-2025-46819)

CVSS: v3 9.9
Vendor: Schneider Electric
Equipment: Schneider Electric Plant iT/Brewmaxx
Vulnerabilities: Use After Free, Integer Overflow or Wraparound, Improper Control of Generation of Code ('Code Injection')

Background

- Critical Infrastructure Sectors: Energy, Critical Manufacturing, Commercial Facilities
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: France

Vulnerabilities

CVE-2025-49844

The affected product uses Redis, an open-source, in-memory database. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.

View CVE Details: https://www.cve.org/CVERecord?id=CVE-2025-49844

Affected Products

Schneider Electric Plant iT/Brewmaxx
Vendor: Schneider Electric
Product Version: Schneider Electric Plant iT/Brewmaxx: 9.60_and_above
Product Status: known_affected

Remediations

Mitigation: Schneider Electric recommends users immediately apply the following mitigations to reduce the risk of exploit:

Mitigation: Install Patch ProLeiT-2025-001 via ProLeiT Support (https://www.proleit.com/support/)

Mitigation: After installing ProLeiT-2025-001, disable the eval commands in Redis on the application server, VisuHub, engineering workstations, and workstations with emergency mode functionality

Mitigation: Force usage of secure Redis configuration templates in system settings as documented in the patch manual

Mitigation:
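As an added example that is not part of the CISA advisory or the ProLeiT patch manual, the following POSIX shell check audits a redis.conf for the "disable the eval commands" mitigation described above. It assumes the Redis instance reads a redis.conf file and that the hardening is expressed either by renaming each eval-family command to the empty string or by an ACL rule on the default user that drops the @scripting category; the sample configs are constructed for the demonstration.

```shell
#!/bin/sh
# Audit a redis.conf for the "disable the eval commands" mitigation.
# Returns 0 when Lua evaluation is neutralised, 1 (with a reason on stderr)
# otherwise. Two Redis mechanisms are recognised:
#   1. rename-command <CMD> ""   for each eval-family command
#   2. a default-user ACL rule that removes the @scripting category
#      (which also covers SCRIPT, FUNCTION and FCALL)
EVAL_CMDS="EVAL EVALSHA EVAL_RO EVALSHA_RO"

audit_redis_conf() {
  conf="$1"
  # ACL route: only the default user is checked here; any other users defined
  # in the file or in an aclfile would need the same rule.
  if grep -Eiq '^[[:space:]]*user[[:space:]]+default[[:space:]].*-@scripting' "$conf"; then
    return 0
  fi
  # rename-command route: every eval-family command must be mapped to "".
  for cmd in $EVAL_CMDS; do
    if ! grep -Eiq "^[[:space:]]*rename-command[[:space:]]+$cmd[[:space:]]+\"\"" "$conf"; then
      echo "$conf: $cmd is still reachable" >&2
      return 1
    fi
  done
  return 0
}

# Constructed sample configs (assumed layout, not from the vendor patch manual).
weak_conf=$(mktemp)
printf 'port 6379\nrequirepass example-only\n' > "$weak_conf"
hardened_conf=$(mktemp)
{
  printf 'port 6379\nrequirepass example-only\n'
  for cmd in $EVAL_CMDS; do printf 'rename-command %s ""\n' "$cmd"; done
} > "$hardened_conf"

audit_redis_conf "$hardened_conf" && echo "hardened config: eval disabled"
audit_redis_conf "$weak_conf" || echo "weak config: eval still enabled"
```

Run it against each host class the advisory lists (application server, VisuHub, engineering workstations, emergency-mode workstations); a partial rename that misses EVAL_RO or EVALSHA_RO is reported as a failure.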
Originally published by CISA
Source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-03