Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Remote, low-complexity, unauthenticated malformed requests crash the HMI service with availability-only impact, so PR:N/AC:L/A:H and C:N/I:N.
Primary rating from Vendor (schneider).
CVSS VectorVendor: schneider
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
CWE-476 NULL Pointer Dereference vulnerability exists that could cause a denial-of-service condition, rendering the device’s HMI and configuration functionality unavailable when malformed requests are received over exposed network interfaces.
AnalysisAI
Denial-of-service in Schneider Electric PowerLogic P7 power metering devices allows remote, unauthenticated attackers to crash the device's HMI and configuration functionality by sending malformed requests to exposed network interfaces. The flaw stems from a NULL pointer dereference (CWE-476) that renders local management and configuration unavailable until recovery. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires network reachability to the PowerLogic P7's exposed management/HMI/configuration interface - the description explicitly scopes this to 'malformed requests received over exposed network interfaces,' so the interface being network-accessible to the attacker is the key prerequisite. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The supplied CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H, base 8.7) describes a low-complexity, network-reachable, unauthenticated attack with no user interaction and pure availability impact - a strong availability-only profile. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with network reachability to an exposed PowerLogic P7 management interface sends a specially malformed request that triggers the NULL pointer dereference, faulting the device's HMI and configuration service and making local monitoring and reconfiguration unavailable. Given AV:N/AC:L/PR:N, no authentication or user interaction is required, and the attack can likely be repeated to sustain the outage; no public POC is referenced in the available data. |
| Remediation | Patch status: Patch available per vendor advisory - apply the fixed firmware identified in Schneider Electric notice SEVD-2026-160-03 (https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-160-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-160-03.pdf); the exact patched version is not stated in the provided data, so confirm it against that advisory. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
24 hours: Inventory all Schneider Electric PowerLogic P7 devices; assess network exposure and connectivity; implement firewall rules restricting remote access to these devices from designated management systems only. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Powerlogic P7
View allAuthenticated command injection in Schneider Electric PowerLogic P7 power metering devices allows a privileged user to e
Denial-of-service in Schneider Electric PowerLogic P7 power monitoring devices allows an authenticated attacker to crash
Same weakness CWE-476 – NULL Pointer Dereference
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39433
GHSA-r5gq-r69x-5f8p