CVE-2026-4832 PUBLISHED

Assigner: schneider
Reserved: 25.03.2026 Published: 14.04.2026 Updated: 14.04.2026

CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
CVSS Score: 6.9

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	Low	Confidentiality	None
Attack Complexity	Low	Integrity	None	Integrity	None
Attack Requirements	None	Availability	None	Availability	None
Privileges Required	None
User Interaction	None

CVSS 4.0

Product Status

Vendor	Schneider Electric
Product	Easergy MiCOM P14x
Versions	Default: unaffected Version All versions prior to B4A is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P24x
Versions	Default: unaffected Version All versions prior to D3A is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P341
Versions	Default: unaffected Version All versions prior to E3F is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P342, P343, P344, P345
Versions	Default: unaffected Version All versions prior to B3F is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P442, P444
Versions	Default: unaffected Version All versions prior to E3A is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P443, P445, P446, P543, P544, P545, P546
Versions	Default: unaffected Version All versions prior to H6A is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P642, P645
Versions	Default: unaffected Version All versions prior to B4A is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P643
Versions	Default: unaffected Version All versions prior to B3F is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P741, P742, P743
Versions	Default: unaffected Version All versions prior to B2A is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P746
Versions	Default: unaffected Version All versions prior to B4E or C4E is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P841
Versions	Default: unaffected Version All versions prior to G6A is affected

Vendor	Schneider Electric
Product	Easergy MiCOM P849
Versions	Default: unaffected Version All versions prior to B4A is affected

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-104-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-104-03.pdf

Problem Types

CWE-798 Use of Hard-Coded Credentials CWE