CVE-2026-4832
6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric | Easergy MiCOM P14x | All versions prior to B4A | affected |
| Schneider Electric | Easergy MiCOM P24x | All versions prior to D3A | affected |
| Schneider Electric | Easergy MiCOM P341 | All versions prior to E3F | affected |
| Schneider Electric | Easergy MiCOM P342, P343, P344, P345 | All versions prior to B3F | affected |
| Schneider Electric | Easergy MiCOM P442, P444 | All versions prior to E3A | affected |
| Schneider Electric | Easergy MiCOM P443, P445, P446, P543, P544, P545, P546 | All versions prior to H6A | affected |
| Schneider Electric | Easergy MiCOM P642, P645 | All versions prior to B4A | affected |
| Schneider Electric | Easergy MiCOM P643 | All versions prior to B3F | affected |
| Schneider Electric | Easergy MiCOM P741, P742, P743 | All versions prior to B2A | affected |
| Schneider Electric | Easergy MiCOM P746 | All versions prior to B4E or C4E | affected |
| Schneider Electric | Easergy MiCOM P841 | All versions prior to G6A | affected |
| Schneider Electric | Easergy MiCOM P849 | All versions prior to B4A | affected |
Weaknesses
- CWE-798: CWE-798 Use of Hard-Coded Credentials
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.