Elevated Access via Improper Default Permissions on Install Folder
CVE-2025-11567 Published on November 12, 2025
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured.
Weakness Type
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
Products Associated with CVE-2025-11567
Want to know whenever a new CVE is published for Schneider Electric Powerchute? stack.watch will email you.
Affected Versions
Schneider Electric PowerChute™ Serial Shutdown Version Versions v1.3 and prior is affected by CVE-2025-11567Exploit Probability
EPSS
0.02%
Percentile
3.44%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.