CVE-2025-13905

EUVD-2025-206546
CWE-276: Incorrect Default Permissions vulnerability exists that could cause  privilege escalation through the reverse shell when  one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Common Weakness Enumeration
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-013-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-013-02.pdf