{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/easergy-micom-p746-all-versions-prior-to-c4e/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"id":"CVE-2026-4832"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Easergy MiCOM P14x (All versions prior to B4A)","Easergy MiCOM P24x (All versions prior to D3A)","Easergy MiCOM P341 (All versions prior to E3F)","Easergy MiCOM P342 (All versions prior to B3F)","Easergy MiCOM P343 (All versions prior to B3F)","Easergy MiCOM P344 (All versions prior to B3F)","Easergy MiCOM P345 (All versions prior to B3F)","Easergy MiCOM P442 (All versions prior to E3A)","Easergy MiCOM P444 (All versions prior to E3A)","Easergy MiCOM P443 (All versions prior to H6A)","Easergy MiCOM P445 (All versions prior to H6A)","Easergy MiCOM P446 (All versions prior to H6A)","Easergy MiCOM P543 (All versions prior to H6A)","Easergy MiCOM P544 (All versions prior to H6A)","Easergy MiCOM P545 (All versions prior to H6A)","Easergy MiCOM P546 (All versions prior to H6A)","Easergy MiCOM P841 (All versions prior to G6A)","Easergy MiCOM P643 (All versions prior to B3F)","Easergy MiCOM P642 (All versions prior to B4A)","Easergy MiCOM P645 (All versions prior to B4A)","Easergy MiCOM P741 (All versions prior to B2A)","Easergy MiCOM P742 (All versions prior to B2A)","Easergy MiCOM P743 (All versions prior to B2A)","Easergy MiCOM P746 (All versions prior to B4E)","Easergy MiCOM P746 (All versions prior to C4E)","Easergy MiCOM P849 (All versions prior to B4A)"],"_cs_severities":["medium"],"_cs_tags":["ics","ot","scada","vulnerability","schneider-electric","snmp","cve-2026-4832","information-disclosure"],"_cs_type":"advisory","_cs_vendors":["Schneider Electric"],"content_html":"\u003cp\u003eSchneider Electric has identified a vulnerability, CVE-2026-4832, affecting its Easergy MiCOM Px40 Series protection relays. This flaw stems from the use of hard-coded credentials, exposing basic device identification information through the SNMP protocol. This vulnerability impacts various models including P14x (prior to B4A), P24x (prior to D3A), P34x, P44x, P54x, P64x, P74x, and P84x series, which are deployed worldwide in critical infrastructure sectors such as Critical Manufacturing, Energy, and Transportation Systems. An unauthenticated attacker can exploit this weakness by interrogating the SNMP port, potentially gaining insights into network topology and device specifics. The advisory, published on July 9, 2026, highlights the importance of immediate mitigation to prevent unauthorized information exposure.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker gains network access to a Schneider Electric Easergy MiCOM Px40 Series device, typically by being on the same network segment or via compromised network infrastructure.\u003c/li\u003e\n\u003cli\u003eThe attacker targets the device's SNMP port (UDP 161) to initiate communication.\u003c/li\u003e\n\u003cli\u003eThe attacker sends SNMP Get or GetNext requests to the device.\u003c/li\u003e\n\u003cli\u003eDue to the hard-coded credentials (CWE-798), the device responds to these unauthenticated requests or requests made with commonly known or easily guessable community strings.\u003c/li\u003e\n\u003cli\u003eThe device's SNMP agent discloses basic device identification information, such as system description, device name, and other configuration data.\u003c/li\u003e\n\u003cli\u003eThis information exposure can aid the attacker in further reconnaissance and potentially lead to more targeted attacks against the critical infrastructure systems.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful exploitation of CVE-2026-4832 leads to unauthorized exposure of basic device identification information. While not directly resulting in remote code execution or denial of service, this information disclosure provides attackers with valuable reconnaissance data about critical infrastructure assets. The Easergy MiCOM Px40 Series is widely deployed globally in Critical Manufacturing, Energy, and Transportation Systems sectors. Such details can be leveraged to map network topologies, identify specific device models and firmware versions, and plan more sophisticated attacks, increasing the risk to operational technology environments.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFor Easergy MiCOM Px40 Series devices where SNMP functionality is not required, contact Schneider Electric's Customer Care Center to upgrade firmware to a version without SNMP functionality, addressing CVE-2026-4832.\u003c/li\u003e\n\u003cli\u003eIf SNMP is required, ensure devices are only used within a protected network environment, isolated from business networks, as outlined in the CISA advisory.\u003c/li\u003e\n\u003cli\u003eDeploy firewalls to protect and separate control system networks from other networks to restrict access to SNMP ports of affected devices.\u003c/li\u003e\n\u003cli\u003eFor any remote access to affected devices, implement secure Virtual Private Networks (VPNs) and ensure VPNs are updated to the most current versions, as suggested by the CISA advisory.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-09T15:59:04Z","date_published":"2026-07-09T15:59:04Z","id":"https://feed.craftedsignal.io/briefs/2026-07-schneider-electric-easergy-micom-px40-cve-2026-4832/","summary":"Schneider Electric Easergy MiCOM Px40 Series products are vulnerable to CVE-2026-4832, a hard-coded credentials flaw (CWE-798) that allows unauthenticated attackers to interrogate the SNMP port and expose basic device identification information from critical manufacturing, energy, and transportation systems assets globally.","title":"Schneider Electric Easergy MiCOM Px40 Series Information Disclosure via Hard-coded Credentials (CVE-2026-4832)","url":"https://feed.craftedsignal.io/briefs/2026-07-schneider-electric-easergy-micom-px40-cve-2026-4832/"}],"language":"en","title":"CraftedSignal Threat Feed - Easergy MiCOM P746 (All Versions Prior to C4E)","version":"https://jsonfeed.org/version/1.1"}