Resource exhaustion in Schneider Electric Powerchute™ Serial Shutdown

CVE-2026-2405

CWE-400 Uncontrolled Resource Consumption vulnerability exists that could cause excessive troubleshooting zip file creation and denial of service when a Web Admin user floods the system with POST /helpabout requests.

Vulnerability class: DoS (Denial of Service)

EPSS: 0.001 (17.1th percentile) — read the EPSS interpretation.

Affected products

Schneider Electric Powerchute™ Serial Shutdown — versions Versions 1.4 and prior

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

download.schneider-electric.com/files