Vulnerability in Schneider Electric Powerchute™ Serial Shutdown

CVE-2026-2403

CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload.

EPSS: 0.001 (18.7th percentile) — read the EPSS interpretation.

Affected products

Schneider Electric Powerchute™ Serial Shutdown — versions Versions 1.4 and prior

Weakness classification (CWE)

CWE-1284 — Improper Validation of Specified Quantity in Input

References

download.schneider-electric.com/files