Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker.
AnalysisAI
Schneider Electric PowerChute™ Serial Shutdown versions 1.4 and prior expose confidential information through log file insertion when a Web Admin user executes a malicious file supplied by an attacker. The vulnerability (CWE-532) results in low confidentiality impact with local access required and user interaction; no public exploit code or active exploitation has been identified, and the overall CVSS score of 2.4 reflects limited real-world risk despite information disclosure classification.
Technical ContextAI
CWE-532 (Insertion of Sensitive Information into Log File) describes a flaw where sensitive data is written to log files without proper filtering or sanitization. In PowerChute™ Serial Shutdown, the vulnerability occurs when a Web Admin user processes a malicious file crafted by an attacker; the application's logging mechanism fails to strip or obfuscate sensitive information before writing it to logs. This allows an attacker with local system access and who can trick an authenticated administrator into opening a malicious file to view confidential data that would normally be protected. The affected product (CPE: cpe:2.3:a:schneider_electric:powerchute™_serial_shutdown:*:*:*:*:*:*:*:*) is a shutdown management utility typically deployed in industrial and data center environments where log files may be accessible to multiple users with varying privilege levels.
RemediationAI
Upgrade PowerChute™ Serial Shutdown to a version later than 1.4; exact patched version numbers are not specified in the available advisory references, so consult Schneider Electric's SEVD-2026-104-01 security notice for the specific fixed release. As an interim mitigation, restrict access to application log files through operating system file permissions to authenticated users with a legitimate need, and educate Web Admin users to avoid executing files from untrusted sources. Refer to Schneider Electric's official security advisory at https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-104-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-104-01.pdf for complete remediation details.
More in Powerchute Serial Shutdown
View allSchneider Electric PowerChute Serial Shutdown v1.4 and prior allows remote credential brute force attacks due to missing
Log injection via improper output encoding in Schneider Electric PowerChute™ Serial Shutdown allows unauthenticated remo
PowerChute Serial Shutdown allows authenticated administrative users to overwrite critical system files via path travers
Improper validation of input quantity in Schneider Electric PowerChute Serial Shutdown versions 1.4 and prior allows aut
CRLF injection in Schneider Electric PowerChute™ Serial Shutdown versions 1.4 and prior allows authenticated Web Admin u
Denial of service in Schneider Electric PowerChute Serial Shutdown versions 1.4 and prior allows authenticated Web Admin
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-22286