Hard-coded SNMP creds in Schneider device enable unauth access
CVE-2026-4832 Published on April 14, 2026
CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port.
Weakness Type
Use of Hard-coded Credentials
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Affected Versions
Schneider Electric Easergy MiCOM P14x:- Version All versions prior to B4A is affected.
- Version All versions prior to D3A is affected.
- Version All versions prior to E3F is affected.
- Version All versions prior to B3F is affected.
- Version All versions prior to E3A is affected.
- Version All versions prior to H6A is affected.
- Version All versions prior to B4A is affected.
- Version All versions prior to B3F is affected.
- Version All versions prior to B2A is affected.
- Version All versions prior to B4E or C4E is affected.
- Version All versions prior to G6A is affected.
- Version All versions prior to B4A is affected.