Vulnerability in Schneider Electric EcoStruxure IT Data Center Expert Leads to Data Confidentiality Compromise (CVE-2026-8045)

CERT-FR has issued an advisory regarding a significant vulnerability, CVE-2026-8045, discovered in Schneider Electric EcoStruxure IT Data Center Expert products. This flaw affects all versions prior to 9.1.2 and enables an attacker to compromise the confidentiality of data stored or processed by the system. EcoStruxure IT Data Center Expert is a critical management software for data center infrastructure, meaning a breach could expose sensitive operational data, configurations, or even credentials. The vulnerability's exact technical details are not publicly disclosed, but its impact on data confidentiality necessitates immediate patching to mitigate the risk of unauthorized information access and potential exfiltration by malicious actors.

Attack Chain

1. An attacker identifies a Schneider Electric EcoStruxure IT Data Center Expert instance accessible via the network, potentially through passive reconnaissance.
2. The attacker determines the target system is running a vulnerable version prior to 9.1.2.
3. The attacker leverages CVE-2026-8045 by sending specially crafted network requests or inputs to the EcoStruxure IT DCE service.
4. Successful exploitation of the vulnerability bypasses existing access controls or triggers an information disclosure flaw.
5. The attacker gains unauthorized access to internal files, databases, or configuration parameters containing sensitive information on the EcoStruxure IT DCE server.
6. The attacker enumerates and discovers confidential data, which may include operational settings, device credentials, or network topology information.
7. The attacker extracts or views the identified sensitive data, leading to a breach of data confidentiality.

Impact

The successful exploitation of CVE-2026-8045 directly results in a data confidentiality breach. For organizations utilizing EcoStruxure IT Data Center Expert, this means an attacker could gain unauthorized access to critical data center information, such as device configurations, passwords, operational metrics, and potentially sensitive customer data. Such exposure could lead to further network compromise, intellectual property theft, regulatory fines, reputational damage, and operational disruption. The advisory does not specify observed victim numbers or targeted sectors, but any organization using affected versions is at risk.

Recommendation

• Immediately update Schneider Electric EcoStruxure IT Data Center Expert installations to version 9.1.2 or higher as recommended in the Schneider Electric bulletin (SEVD-2026-160-01).
• Monitor network connections originating from EcoStruxure IT Data Center Expert systems for unusual outbound traffic patterns, especially large data transfers, using rules like "Detect Large Outbound Network Connections from EcoStruxure IT DCE".
• Implement robust network segmentation to restrict direct exposure of EcoStruxure IT Data Center Expert instances, reducing the attack surface for CVE-2026-8045.