Cleartext Storage Vulnerability Exposes Source Code in Schneider Electric Device
CVE-2026-6332 Published on May 14, 2026

Clear Text Storage of Sensitive Information on EcoStruxure™ Machine Expert HVAC
CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of confidentiality, When an authorized attacker accesses the source code for editing or compiling it.

NVD

Weakness Type

Cleartext Storage of Sensitive Information

The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere. Because the information is stored in cleartext, attackers could potentially read it. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.

Affected Versions

Schneider Electric Ecostruxure™ Machine Expert HVAC Version Versions prior to 1.10.0 is affected by CVE-2026-6332

Cleartext Storage Vulnerability Exposes Source Code in Schneider Electric DeviceCVE-2026-6332 Published on May 14, 2026

Weakness Type

Cleartext Storage of Sensitive Information

Affected Versions

Cleartext Storage Vulnerability Exposes Source Code in Schneider Electric Device
CVE-2026-6332 Published on May 14, 2026