SEVD-2025-098-01 ConneXium Network Manager Software Security Notification

Schneider Electric is aware of vulnerabilities in its ConneXium Network Manager software. Failure to apply the mitigations below may risk sensitive data disclosure, leading privilege escalation through man-in-the-middle attacks on ConneXion Network Manager, denial of service, and remote code execution on engineering workstations. CVE-2025-2222, CVE-2025-2223. CWE-552: Files or Directories Accessible to External Parties vulnerability. CWE-20: Improper Input Validation vulnerability. Security Notification. Security Advisory.