Schneider Electric EcoStruxure Panel Server Initialization of a Resource with an Insecure Default Vulnerability Allowing Unauthorized Authentication

Vulnerability

A vulnerability exists in Schneider Electric's EcoStruxure Panel Server products, specifically in versions through 002.005.000. This vulnerability, categorized as CWE-1188, involves the initialization of a resource with an insecure default, which could lead to the unauthorized disclosure of sensitive information. In rare circumstances, credentials may revert to their initial settings, allowing unauthorized authentication with known credentials.

Impact

Exploitation of this vulnerability could result in unauthorized authentication, granting access to sensitive information.

Remediation

Users can upgrade to EcoStruxure Panel Server version 002.006.000, available for download from the Schneider Electric website, to address this vulnerability. A reboot is required after the upgrade. For assistance, contact Schneider Electric's Customer Care Center.

Added: May 12, 2026, 3:28 PM
Updated: May 12, 2026, 3:28 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 7.0
remediation: 0.0
relevance: 8.1
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.