CVE-2026-4827
Published: May 12, 2026
Modified: May 14, 2026
Description
CWE‑331: Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session‑management protections.
| Vendor | Product | Versions |
|---|---|---|
Schneider Electric | Easergy MiCOM C264 | affected Versions D6.xaffected Versions D7.33 and prior |
Schneider Electric | Easergy C5 | affected Version 1.1.17 and prior |
Schneider Electric | Easergy MiCOM P30 | affected P139 version prior to P139.678.700affected P437 version prior to P437.678.700affected P439 version prior to P439.678.700affected P532 version prior to P532.678.700affected P539 version prior to P539.678.700+11 more versions |
Schneider Electric | Easergy MiCOM P40 | affected Series model numbers with Protocol Option bit as G, H or L and all firmware versions |
Schneider Electric | EcoStruxure™ Power Automation System Gateway (EPAS-GTW) | affected Version 6.4.616.200.100 and prior |
Schneider Electric | EcoStruxure™ Power Automation System User Interface (EPAS-UI) | affected Version 3.0.3 and prior |
Schneider Electric | EcoStruxure™ Power Operation | affected Version 2022 CU6 and prioraffected Version 2024 CU2 and prior |
Schneider Electric | iPMFLS | affected Version 64.2025.0.13 and prior |
Schneider Electric | PowerLogic™ P5 Protection Relay | affected V02.502.103 and prior |
Schneider Electric | PowerLogic™ P7 Protection and Control Platform | affected V02.002.002 and prior |
Schneider Electric | PowerLogic™ T300 | affected Version 2.9.4 and prior |
Schneider Electric | PowerLogic™ T500 | affected Version 11.08.02 and prior |
Schneider Electric | Saitel DP | affected Version 11.06.36 and prior |
Schneider Electric | EasyLogic T150 (formerly Saitel DR) | affected Version 11.06.30 and prior |
Weaknesses (CWE)
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now