IronMonkey Threat Research

Schneider Electric Easergy, EcoStruxure, PowerLogic, and Saitel Products

HIGH
CVSS 8.3
Date 2026-06-18T06:00:00+00:00
Source cisa-csaf
Published by CISA

// Description

We strongly recommend the following industry cybersecurity best practices.

* Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.
* Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.
* Place all controllers in locked cabinets and never leave them in the “Program” mode.
* Never connect programming software to any network other than the network intended for that device.
* Scan all methods of mobile data exchange with the isolated network, such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.
* Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.
* Minimize network exposure for all control system devices and systems and ensure that they are not accessible from the Internet.
* When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.

For more information refer to the Schneider Electric [Recommended Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) document.

// Vulnerabilities (1)

CVE ID: CVE-2026-4827
CVSS Score: 8.3
Severity: high
Description: A CWE-331 Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session-management protections.
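To make the CWE-331 failure mode concrete, the following is an added, constructed Python example; it is not Schneider Electric's code and does not describe how any of the affected products actually generate sessions. It contrasts a session token derived from a guessable seed (a login timestamp) with one drawn from the OS CSPRNG, and shows why an attacker on the network who has captured a single weak token can recover the seed and mint a valid token, even though both tokens are 128 bits wide. The seed value, the attacker's one-hour uncertainty window and the token format are assumptions for illustration.

```python
"""CWE-331 (Insufficient Entropy) in session management: constructed demo.

Not Schneider Electric code. Token format, seed and window are assumptions.
"""
import math
import random
import secrets
from typing import Optional

TOKEN_BYTES = 16  # both generators emit 128-bit (32 hex char) tokens that look alike


def weak_session_token(seed: int) -> str:
    """Vulnerable pattern (constructed): the token is a pure function of a
    low-entropy seed such as the login time in Unix seconds. The output is
    128 bits wide, but its entropy is bounded by the seed, not by its length."""
    rng = random.Random(seed)  # Mersenne Twister, fully determined by the seed
    return rng.getrandbits(TOKEN_BYTES * 8).to_bytes(TOKEN_BYTES, "big").hex()


def strong_session_token() -> str:
    """Hardened pattern: draw the token from the OS CSPRNG (the CWE-331 fix)."""
    return secrets.token_hex(TOKEN_BYTES)


def recover_seed(observed_token: str, approx_seed: int, window: int) -> Optional[int]:
    """Attacker on the network has captured one token and knows roughly when the
    session was created. Brute-force every seed within +/- window seconds."""
    for candidate in range(approx_seed - window, approx_seed + window + 1):
        if weak_session_token(candidate) == observed_token:
            return candidate
    return None


def effective_entropy_bits(candidate_count: int) -> float:
    """Entropy the defender actually gets: log2 of the number of seeds an
    attacker must try, regardless of how long the token string is."""
    return math.log2(candidate_count)


def demo() -> dict:
    """Run the attack against both generators and report what happened."""
    created_at = 1_800_000_000  # constructed login time (Unix seconds)
    victim_token = weak_session_token(created_at)

    # Attacker only knows the login happened "about an hour ago".
    attacker_estimate = created_at + 1_234
    window = 3_600
    seed = recover_seed(victim_token, attacker_estimate, window)
    forged = weak_session_token(seed) if seed is not None else None

    # The same search against a CSPRNG-backed token finds nothing.
    strong = strong_session_token()
    seed_for_strong = recover_seed(strong, attacker_estimate, window)

    return {
        "weak_seed_recovered": seed == created_at,
        "forged_matches_victim": forged == victim_token,
        "weak_effective_bits": effective_entropy_bits(2 * window + 1),
        "strong_nominal_bits": TOKEN_BYTES * 8,
        "strong_seed_recovered": seed_for_strong is not None,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point the numbers make is that a 32-character token built from a timestamp offers roughly 12.8 bits of work to an attacker who can bound the creation time to an hour, which is why the advisory's interim mitigation of shortening the "Minimum inactivity period" helps: it limits how long a recovered or guessed token stays usable, but only a CSPRNG-backed token removes the guessability itself.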

// Affected Products (3)

Vendor              Product   Asset Type               Purdue Level   Firmware
Schneider Electric  Unknown   engineering_workstation  L3             --
Schneider Electric  Unknown   engineering_workstation  L3             --
Schneider Electric  Unknown   engineering_workstation  L3             --

// Remediations (25)

Patch: CPU866e Firmware version 11.06.37 includes a fix for this vulnerability and is available for download. Contact Schneider Electric’s Customer Care Center to download this firmware. A reboot is needed to complete the firmware upgrade.

Patch: Version 11.08.03 of PowerLogic™ T500 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center to download this firmware. A reboot is needed to complete the firmware upgrade.

Patch: Version P439.678.700 Easergy MiCOM P439 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device.

Patch: Version P139.678.700 Easergy MiCOM P139 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device.

Patch: Version V02.503.101 of PowerLogic™ P5 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center to download this firmware.

Patch: Version 6.4.610.500.101 of EPAS Gateway includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center to download this software.

Patch: Version P632.678.700 Easergy MiCOM P632 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device.

Patch: EPO 2024 CU 3 of EcoStruxure™ Power Operation includes a fix for this vulnerability and is available for download here: https://community.se.com/t5/EcoStruxure-PowerOperation/Power-Operation-2024-CU3-is-HERE/td-p/534769 (reboot needed: yes).

Patch: HUe Firmware version 11.06.31 includes a fix for this vulnerability and is available for download. Contact Schneider Electric’s Customer Care Center to download this software. A reboot is needed to complete the firmware upgrade.

Patch: EPO 2022 CU 7 of EcoStruxure™ Power Operation includes a fix for this vulnerability and is available for download here: https://community.se.com/t5/EcoStruxure-PowerOperation/Power-Operation-2022-CU7-is-Now-Available/tdp/524787 (reboot needed: yes).

Patch: Version P138.677.701 Easergy MiCOM P138 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device.

Patch: Version 1.1.18 of Easergy C5 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device. Reboot is required.

Patch: Version 2.9.5 of PowerLogic™ T300 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center to download this firmware. A reboot is needed to complete the firmware upgrade.

Patch: Version P634.680.701 Easergy MiCOM P634 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device.

Mitigation: If customers choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:
• Ensure P30 operates within a physically or logically segmented internal network. Access to this network should be tightly controlled using standard security mechanisms such as firewalls, intrusion detection systems (IDS), and other relevant protective measures.
• Reduce the “Minimum inactivity period” using the CAE tool to shorten session timeout durations and minimize the risk of unauthorized access due to inactive sessions.

Mitigation: Schneider Electric is establishing a remediation plan for a future version of the Easergy MiCOM P40 Series model numbers with Protocol Option bit as G, H or L:
P_ 4_ _ _ _ _ G_ _ _ _ _ M
P_ 4_ _ _ _ _ H_ _ _ _ _ M
P_ 4_ _ _ _ _ L _ _ _ _ _ M
P_ 4_ _ _ _ _ G_ _ _ _ _ L
P_ 4_ _ _ _ _ H_ _ _ _ _ L
P_ 4_ _ _ _ _ L _ _ _ _ _ L
A future version will include a fix for this vulnerability. We will update this document when the remediation is available. Until then, customers should immediately apply the following mitigations to reduce the risk of exploit:
• Ensure P40 operates within a physically or logically segmented internal network. Access to this network should be tightly controlled using standard security mechanisms such as firewalls, intrusion detection systems (IDS), and other relevant protective measures.
• Reduce the “Minimum inactivity period” using the CAE tool to shorten session timeout durations and minimize the risk of unauthorized access due to inactive sessions.

Patch: Version 3.0.4 of EPAS-UI includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center to download this software.

Patch: Version C434.679.700 Easergy MiCOM C434 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device.

Patch: Version V02.003.001 of PowerLogic™ P7 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center to download this firmware.

Patch: Version 64.2025.0.14 of iPMFLS includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device.

Patch: Version P633.678.700 Easergy MiCOM P633 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device.

Patch: Version P539.678.700 Easergy MiCOM P539 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device.

Mitigation: Schneider Electric is establishing a remediation plan for all future versions of the following models of the Easergy MiCOM P30: P437, P532, P631, P634, P436, P438, P638. Future versions will include a fix for this vulnerability. We will update this document when the remediation is available. Until then, customers should immediately apply the following mitigations to reduce the risk of exploit:
• Ensure P30 operates within a physically or logically segmented internal network. Access to this network should be tightly controlled using standard security mechanisms such as firewalls, intrusion detection systems (IDS), and other relevant protective measures.
• Reduce the “Minimum inactivity period” using the CAE tool to shorten session timeout durations and minimize the risk of unauthorized access due to inactive sessions.

Patch: Version P633.680.701 Easergy MiCOM P633 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device.

Patch: Version D7.34 of MiCOM C264 includes a fix for this vulnerability. Contact Schneider Electric’s Customer Care Center for information on how to contact your local Application Center to update the device. Reboot is required.

// References