CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-4832

criticalcovered by 1 sourcefirst seen 2026-07-09
View CSAF Summary Schneider Electric is aware of a vulnerability in its Easergy MiCOM Px40 Series products. The Easergy MiCOM Px40 is a protection relay series for Medium Voltage, High Voltage and Extra High Voltage protection. Failure to apply the mitigations provided below may risk unauthorized exposure of basic device identification through the SNMP protocol. The following versions of Schneider Electric Easergy MiCOM Px40 Series are affected: Easergy MiCOM P14x All versions prior to B4A Easergy MiCOM P24x All versions prior to D3A Easergy MiCOM P341 All versions prior to E3F Easergy MiCOM P342, P343, P344, P345 All versions prior to B3F Easergy MiCOM P442, P444 All versions prior to E3A Easergy MiCOM P443, P445, P446, P543, P544, P545, P546 All versions prior to H6A Easergy MiCOM P841 All versions prior to G6A Easergy MiCOM P643 All versions prior to B3F Easergy MiCOM P642, P645 All versions prior to B4A Easergy MiCOM P741, P742, P743 All versions prior to B2A Easergy MiCOM P746 All versions prior to B4E Easergy MiCOM P746 All versions prior to C4E Easergy MiCOM P849 All versions prior to B4A CVSS Vendor Equipment Vulnerabilities v3 5.3 Schneider Electric Schneider Electric Easergy MiCOM Px40 Series Use of Hard-coded Credentials Background Critical Infrastructure Sectors: Critical Manufacturing, Energy, Transportation Systems Countries/Areas Deployed: Worldwide Company Headquarters Location: France Vulnerabilities Expand All + CVE-2026-4832 CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port. View CVE Details Affected Products Schneider Electric Easergy MiCOM Px40 Series Vendor: Schneider Electric Product Version: Easergy MiCOM P14x All versions prior to B4A, Easergy MiCOM P24

CSIRTS triage

vendor: Schneider Electricproduct: Easergy MiCOM Px40 SeriesInformation disclosureaffected: All versions prior to B4A, D3A, E3F, B3F, E3A
What
Unauthorized exposure of basic device identification through the SNMP protocol.
Who is affected
Users of Schneider Electric Easergy MiCOM Px40 Series products with versions prior to the specified updates.
Urgency
Remediation is critical as it poses a risk of unauthorized information exposure.
Action
Apply the provided mitigations and update to the specified versions.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-4832

Get an email if CVE-2026-4832 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-4832

CVE.org record

Embed the live status

CVE-2026-4832 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-4832 status](https://www.csirts.com/badge/CVE-2026-4832)](https://www.csirts.com/cve/CVE-2026-4832)