Schneider Electric PowerChute Serial Shutdown Improper Restriction of Excessive Authentication Attempts Vulnerability

Vulnerability

A vulnerability allowing improper restriction of excessive authentication attempts has been identified in Schneider Electric's PowerChute Serial Shutdown software, versions through 1.4. This vulnerability could enable an attacker to access user accounts by conducting an unlimited number of authentication attempts with various credentials across multiple endpoints.
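The phrase "across multiple endpoints" matters for any fix: a failure counter kept separately per endpoint lets the attempt budget multiply with the number of endpoints, while a counter shared by all of them does not. The sketch below is an added example, not code from PowerChute or Schneider Electric. The endpoint paths, the threshold of 5, the 300-second window and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

class AttemptLimiter:
    """Sliding-window cap on failed logins per key."""

    def __init__(self, max_failures=5, window_s=300):
        self.max_failures = max_failures
        self.window_s = window_s
        self._failures = defaultdict(deque)  # key -> failure timestamps

    def _recent(self, key, now):
        q = self._failures[key]
        while q and now - q[0] >= self.window_s:
            q.popleft()  # drop failures older than the window
        return q

    def allowed(self, key, now):
        return len(self._recent(key, now)) < self.max_failures

    def record_failure(self, key, now):
        self._recent(key, now).append(now)

def replay(events, key_fn, max_failures=5, window_s=300):
    """Count failed guesses that reached the credential check."""
    limiter = AttemptLimiter(max_failures, window_s)
    checked = 0
    for ts, source, endpoint, account in events:
        key = key_fn(source, endpoint, account)
        if not limiter.allowed(key, ts):
            continue  # rejected before any password comparison
        checked += 1
        limiter.record_failure(key, ts)  # every sample event is a wrong guess
    return checked

# Constructed sample: one source, one account, one guess per second,
# rotating over three hypothetical endpoint paths.
ENDPOINTS = ["/login", "/api/session", "/setup/auth"]
EVENTS = [(t, "198.51.100.7", ENDPOINTS[t % 3], "admin") for t in range(60)]

def per_endpoint_key(source, endpoint, account):
    return (endpoint, account)  # counter starts over on each path

def shared_key(source, endpoint, account):
    return account  # one counter per account, whatever the path

if __name__ == "__main__":
    print("per-endpoint counters:", replay(EVENTS, per_endpoint_key))
    print("shared counter:", replay(EVENTS, shared_key))
```

Keying on the account alone lets a remote party lock a legitimate user out, so deployments often track a per-source counter alongside it.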

Impact

Exploitation of this vulnerability could lead to unauthorized access to user accounts.

Remediation

Users can upgrade to version 1.5 of PowerChute Serial Shutdown, which addresses this vulnerability. This version is available for download from the Schneider Electric website. Specific instructions and hardening guidelines can be found in the Security Handbook.

Added: Apr 14, 2026, 5:17 PM
Updated: Apr 14, 2026, 5:17 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 7.4
remediation: 0.0
relevance: 5.9
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.