Описание
CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials.
Затрагиваемое ПО
Schneider-electric Ecostruxure panel server pas400 firmwareSchneider-electric Ecostruxure panel server pas400Schneider-electric Ecostruxure panel server pas600 firmwareSchneider-electric Ecostruxure panel server pas600Schneider-electric Ecostruxure panel server pas600v2 firmwareSchneider-electric Ecostruxure panel server pas600v2Schneider-electric Ecostruxure panel server pas800 firmwareSchneider-electric Ecostruxure panel server pas800Schneider-electric Ecostruxure panel server pas800v2 firmwareSchneider-electric Ecostruxure panel server pas800v2
CVSS
| Балл | 7.5 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Источники
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-132-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-132-04.pdf