Insufficient Entropy in Root Password Generation Enables Discovery
CVE-2025-50122 Published on July 11, 2025
A CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installation or upgrade artifacts.
Weakness Type
Insufficient Entropy
The software uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
Products Associated with CVE-2025-50122
Want to know whenever a new CVE is published for Schneider Electric Data Center Expert? stack.watch will email you.
Affected Versions
Schneider Electric EcoStruxure™ IT Data Center Expert:- Version 8.3, <= Prior to is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.