{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2403", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "state": "PUBLISHED", "assignerShortName": "schneider", "dateReserved": "2026-02-12T13:19:02.490Z", "datePublished": "2026-04-14T15:21:10.802Z", "dateUpdated": "2026-04-14T16:27:27.629Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2026-04-14T15:21:10.802Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-1284", "description": "CWE-1284 Improper Validation of Specified Quantity in Input", "type": "CWE"}]}], "affected": [{"vendor": "Schneider Electric", "product": "PowerChute\u2122 Serial Shutdown", "versions": [{"status": "affected", "version": "Versions 1.4 and prior"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload."}]}], "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-104-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-104-01.pdf"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T16:23:47.895593Z", "id": "CVE-2026-2403", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T16:27:27.629Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2403", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T16:23:47.895593Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T16:23:57.462Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Schneider Electric", "product": "PowerChute\u2122 Serial Shutdown", "versions": [{"status": "affected", "version": "Versions 1.4 and prior"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-104-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-104-01.pdf"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload.", "supportingMedia": [{"type": "text/html", "value": "CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1284", "description": "CWE-1284 Improper Validation of Specified Quantity in Input"}]}], "providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2026-04-14T15:21:10.802Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2403", "state": "PUBLISHED", "dateUpdated": "2026-04-14T16:27:27.629Z", "dateReserved": "2026-02-12T13:19:02.490Z", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "datePublished": "2026-04-14T15:21:10.802Z", "assignerShortName": "schneider"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload."}], "id": "CVE-2026-2403", "lastModified": "2026-04-14T16:16:38.913", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cybersecurity@se.com", "type": "Secondary"}]}, "published": "2026-04-14T16:16:38.913", "references": [{"source": "cybersecurity@se.com", "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-104-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-104-01.pdf"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "cybersecurity@se.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-14T16:21:12.584589+00:00", "value": {"mitigation_remediation": ["Check the Schneider Electric website or vendor portal for an official patch or firmware update for PowerChute Serial Shutdown.", "If a patch is not yet available, restrict or disable access to the Web Admin /logsettings interface for untrusted users or disable the feature entirely.", "Enable external or off\u2011site logging to preserve an untampered copy of the logs for forensic purposes.", "Continuously monitor event and data log files for unexpected truncation events or anomalies."], "summary": {"action": "Patch", "impact": "Log Integrity Loss"}, "threat_synthesis": {"affected_systems": "Schneider Electric PowerChute Serial Shutdown is the affected product. No specific versioning information is provided in the advisory, so all current releases that expose the /logsettings endpoint should be considered potentially vulnerable.", "description_and_impact": "An improper input validation flaw in Schneider Electric PowerChute Serial Shutdown allows a Web Administrator to supply a malformed payload to the /logsettings endpoint, causing the event and data logs to be truncated and thereby compromising log integrity. This flaw is categorized as CWE-1284, reflecting a failure to enforce proper quantity limits during input processing. The loss of log integrity can hinder forensic investigations, impede audit processes, and mask malicious or accidental activity performed on the affected system.", "risk_and_exploitability": "The CVSS score of 5.3 places this vulnerability in the moderate range. Exploitation requires authenticated access to the Web Admin interface and the ability to issue a POST request to /logsettings, which suggests that the attack vector is management\u2011console based, either remote or local. The EPSS score is unavailable, and the vulnerability is not listed in the CISA KEV catalog, indicating that publicly known exploitation has not yet been demonstrated. Nevertheless, an attacker who can gain administrative privileges could truncate logs to conceal their actions, creating a significant integrity risk for compliance and security monitoring."}}}}, "created": "2026-04-14T16:30:18.792331+00:00", "title": "Log Truncation via Improper Input Validation in Schneider Electric PowerChute Serial Shutdown Web Admin", "updated": "2026-04-14T16:30:18.792356+00:00", "vendors": []}