Schneider Electric PowerChute Serial Shutdown Uncontrolled Resource Consumption Vulnerability Leading to Denial-of-Service

Vulnerability

A vulnerability allowing uncontrolled resource consumption has been identified in Schneider Electric's PowerChute Serial Shutdown software, specifically in versions through 1.4. This vulnerability could lead to excessive creation of troubleshooting zip files and cause a denial-of-service condition. The issue arises when a Web Admin user inundates the system with POST /helpabout requests.

Impact

Exploitation of this vulnerability can cause a denial-of-service condition by overwhelming the system with excessive troubleshooting zip file creation.

Remediation

Users can upgrade to version 1.5 of PowerChute Serial Shutdown, which includes a fix for this vulnerability. Version 1.5 is available for download from the Schneider Electric website. Specific instructions and hardening guidelines can be found in the Security Handbook.
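Where the upgrade is delayed, bursts of POST /helpabout requests can be watched for in web access logs. The following is an added example, not code from Schneider Electric or from this advisory; the Common Log Format layout, the sample lines, and the threshold of 3 requests per 60 seconds are assumptions to adapt to the real deployment.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in Common Log Format; the product's real log
# layout is not given in the advisory, so this format is an assumption.
SAMPLE_LOG = """\
10.0.0.5 - admin [14/Apr/2026:17:00:01 +0000] "POST /helpabout HTTP/1.1" 200 512
10.0.0.9 - operator [14/Apr/2026:17:00:02 +0000] "POST /helpabout HTTP/1.1" 200 512
10.0.0.5 - admin [14/Apr/2026:17:00:03 +0000] "POST /helpabout HTTP/1.1" 200 512
10.0.0.5 - admin [14/Apr/2026:17:00:04 +0000] "GET /helpabout HTTP/1.1" 200 2048
10.0.0.5 - admin [14/Apr/2026:17:00:05 +0000] "POST /helpabout HTTP/1.1" 200 512
10.0.0.5 - admin [14/Apr/2026:17:00:07 +0000] "POST /helpabout HTTP/1.1" 200 512
10.0.0.5 - admin [14/Apr/2026:17:00:09 +0000] "POST /helpabout HTTP/1.1" 200 512
10.0.0.9 - operator [14/Apr/2026:17:05:30 +0000] "POST /helpabout HTTP/1.1" 200 512
"""

LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+$'
)

def find_helpabout_bursts(log_text, limit=3, window=timedelta(seconds=60)):
    """Return one (src, user, time) alert per burst of more than `limit` POSTs in `window`."""
    recent = defaultdict(deque)   # (src, user) -> timestamps still inside the window
    alerting = set()              # keys currently over the limit (avoids repeat alerts)
    alerts = []
    for line in log_text.splitlines():   # lines are assumed to be in time order
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue              # skip malformed lines and non-POST requests
        if m["path"].split("?", 1)[0].rstrip("/") != "/helpabout":
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        key = (m["src"], m["user"])
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window:  # drop requests that fell out of the window
            q.popleft()
        if len(q) > limit:
            if key not in alerting:
                alerting.add(key)
                alerts.append((key[0], key[1], ts))
        else:
            alerting.discard(key)  # burst ended; a later one alerts again
    return alerts
```

On the constructed sample this reports a single alert for admin at 10.0.0.5, raised on the fourth POST inside the window.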

Added: Apr 14, 2026, 5:11 PM
Updated: Apr 14, 2026, 5:11 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 4.8
remediation: 0.0
relevance: 5.9
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.