CVE-2025-6438 | Schneider Electric EcoStruxure IT Data Center Expert SOAP API xml external entity reference (SEVD-2025-189-01 / EUVD-2025-21129)

A vulnerability classified as problematic has been found in Schneider Electric EcoStruxure IT Data Center Expert. This affects an unknown part of the component SOAP API. The manipulation leads to xml external entity reference.

This vulnerability is uniquely identified as CVE-2025-6438. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More