Information disclosure in Schneider Electric Powerchute™ Serial Shutdown

CVE-2026-2401

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker.

EPSS: 0.000 (3.0th percentile) — read the EPSS interpretation.

Affected products

Schneider Electric Powerchute™ Serial Shutdown — versions Versions 1.4 and prior

Weakness classification (CWE)

CWE-532 — Insertion of Sensitive Information into Log File

References

download.schneider-electric.com/files