CVE-2025-1070
Published: 13 February 2025
Summary
CVE-2025-1070 is a high-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Schneider Electric (inferred from references). Its CVSS base score is 7.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 34.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-1070 is a CWE-434 unrestricted upload of file with dangerous type vulnerability that could render the affected device inoperable when a malicious file is downloaded. Published on 2025-02-13 with a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H), it impacts a Schneider Electric device, as detailed in their security notice.
An attacker with low privileges (PR:L) can exploit this vulnerability over the network (AV:N) with low complexity and no user interaction required (UI:N). Successful exploitation allows high integrity (I:H) and availability (A:H) impact with no confidentiality impact, potentially rendering the device inoperable by uploading a malicious file that is subsequently downloaded.
The Schneider Electric security and safety notice SEVD-2025-042-01, available at the referenced URL, provides details on mitigation measures for this vulnerability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-1986
Vulnerability details
CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device inoperable when a malicious file is downloaded.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unrestricted file upload vulnerability (CWE-434) in a network-exposed Schneider Electric device interface directly enables remote exploitation of a public-facing application to upload malicious content, leading to integrity/availability impact.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly addresses unrestricted upload of dangerous file types by validating all information inputs at upload points to ensure only safe files are accepted.
Restricts classes of dangerous file types from being uploaded, preventing attackers from introducing malicious files even with low privileges.
Establishes processes to identify, report, and remediate the specific flaw enabling unrestricted file uploads, eliminating the vulnerability.