Cyber Resilience

CVE-2026-2403

Medium

Published: 14 April 2026

Published
14 April 2026
Modified
22 April 2026
KEV Added
Patch
CVSS Score v4 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0017 6.6th percentile
Risk Priority 35 floored blend · peak EPSS

Summary

CVE-2026-2403 is a medium-severity Improper Validation of Specified Quantity in Input (CWE-1284) vulnerability in Schneider-Electric Powerchute Serial Shutdown. Its CVSS base score is 5.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Indicator Removal (T1070); ranked at the 6.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1070 Indicator Removal Stealth
Adversaries may selectively delete or modify artifacts generated to reduce indications of their presence and blend in with legitimate activity.
T1685.005 Clear Windows Event Logs Defense Impairment
Adversaries may clear Windows Event Logs to hide the activity of an intrusion.
T1685.006 Clear Linux or Mac System Logs Defense Impairment
Adversaries may clear system logs to hide evidence of an intrusion.
T1685 Disable or Modify Tools Defense Impairment
Adversaries may disable, degrade, or tamper with security tools or applications (e.
T1685.001 Disable or Modify Windows Event Log Defense Impairment
Adversaries may disable or modify the Windows Event Log to limit data that can be leveraged for detections and audits.
Why these techniques?

Vulnerability directly enables log truncation via malformed POST input, facilitating indicator removal and defense impairment by impacting log integrity.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

Affected Assets

schneider-electric
powerchute serial shutdown
≤ 1.5

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References