CVE-2025-13844 is a double free vulnerability (CWE-415) identified in Schneider Electric's EcoStruxure Power Build Rapsody software, versions prior to FR v2.8.1, INT v2.8.6, ES v2.8.5, BEL (NL) v2.8.3, and BEL (FR) v2.8.8. The vulnerability arises when the software processes a specially crafted SSD project file imported by the user. A double free occurs when the program attempts to free the same heap memory twice, leading to heap corruption. This can cause unpredictable behavior including crashes, memory corruption, or potentially arbitrary code execution. The CVSS 4.0 score is 8.4 (high), reflecting local attack vector with low complexity, no privileges required, but user interaction needed. The vulnerability impacts confidentiality, integrity, and availability with high impact, and the scope is limited to the local system where the software is installed. No authentication is required, but the user must import a malicious file, which implies social engineering or insider threat vectors. Currently, no public exploits or active exploitation have been reported. The vulnerability affects multiple regional versions of the software, indicating a broad footprint in European markets. The software is used in industrial automation and power management, making this vulnerability critical for operational technology environments.

For European organizations, especially those in energy, manufacturing, and critical infrastructure sectors relying on Schneider Electric's EcoStruxure Power Build Rapsody, this vulnerability poses a significant risk. Exploitation can lead to system crashes or arbitrary code execution, potentially disrupting industrial control processes or causing denial of service. This can result in operational downtime, safety hazards, and compromise of sensitive operational data. Given the software's role in power management projects, attackers could manipulate project configurations or cause system instability. The requirement for user interaction means phishing or social engineering could be used to deliver malicious SSD files. The impact on confidentiality, integrity, and availability is high, which is critical for sectors with strict regulatory and safety requirements. The absence of known exploits currently provides a window for mitigation before active attacks emerge.

Organizations should immediately audit their use of EcoStruxure Power Build Rapsody and identify affected versions. Until patches are released by Schneider Electric, restrict the import of SSD project files from untrusted or external sources. Implement strict file validation and scanning for malicious content. Educate users on the risks of importing files from unknown origins and enforce policies to prevent social engineering attacks. Employ endpoint protection solutions capable of detecting anomalous memory corruption or exploitation attempts. Monitor system logs for crashes or unusual behavior related to the software. Once Schneider Electric releases patches, prioritize timely deployment across all affected systems. Consider network segmentation to isolate systems running this software from general user environments to reduce exposure. Maintain backups of project files and configurations to enable recovery in case of exploitation.