Zero Day MonitorZDM

← Back to list

EST

PRE-CVE

schneider electric

Multiple vulnerabilities in Schneider Electric products including Easergy MiCOM Px40 Series, Modicon Managed Switches, and PowerChute Serial Shutdown

72% confidence

Description

Schneider Electric disclosed multiple vulnerabilities affecting Easergy MiCOM Px40 Series (including a hard-coded credentials vulnerability), Modicon Managed Switches (third-party vulnerability), and PowerChute Serial Shutdown (multiple vulnerabilities). These affect various versions and models as specified by Schneider Electric.

Affected Products

Vendor	Product	Versions
schneider electric	—	Easergy MiCOM Px40 Series - multiple versions and models, Connexium Managed Switches TCSESM - all versions, Modicon Managed Switches MCSESM, MCSESP - all versions, Modicon Redundancy Switches MCSESR - all versions, PowerChute Serial Shutdown - version 1.4 and prior

Related News (1 articles)

Tier B

CCCS Canada3h ago

[Control systems] Schneider Electric security advisory (AV26-350)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

PublishedApr 14, 2026

Last enriched3h ago

Tags

multiple vulnerabilitieshard-coded credentialsthird-party vulnerability

Trending Score20

Source articles1

Independent1

Info Completeness4/14

Missing: cve_id, product, cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

NONECVE-2026-2402EXP

CVE-2026-2402: CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker to g

NONECVE-2026-4832EXP

CVE-2026-4832: CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device info

NONECVE-2026-2403EXP

CVE-2026-2403: CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log tru

NONECVE-2026-2405EXP

CVE-2026-2405: CWE-400 Uncontrolled Resource Consumption vulnerability exists that could cause excessive troubleshooting zip file creat

HIGHCVE-2026-2404

CVE-2026-2404: CWE-116 Improper Encoding or Escaping of Output vulnerability exists that could cause log injection and forged log when

Pin to Dashboard

Verification

State: reported

Confidence: 72%

Vulnerability Timeline

CVE Published

Apr 14, 2026

Discovered by ZDM

Apr 14, 2026