CVE-2025-9997

MEDIUM

Schneider Electric Saitel DR RTU < 11.06.29 and Saitel DP RTU < 11.06.33 - OS Command Injection via BLMon in SSH Session

Title source: llm

Description

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in an SSH session.

Scores

CVSS v4 5.8
EPSS 0.0050
EPSS Percentile 39.0%
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-78
Status published
Products (2)
Schneider Electric/Saitel DP RTU all versions - 11.06.33
Schneider Electric/Saitel DR RTU all versions - 11.06.29
Published Sep 09, 2025
Tracked Since Feb 18, 2026