Initialization of a Resource with an Insecure Default vulnerability on...

8.2 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials.

Basic Information

ID CVE-2026-6866

Source schneider

Published May 12, 2026 at 13:59

Modified May 12, 2026 at 15:43

Affected Product

Vendor Schneider Electric

Product EcoStruxure™ Panel Server

Version Versions 002.005.000 and prior

Affected Versions Schneider Electric EcoStruxure™ Panel Server Versions 002.005.000 and prior

CWE Classification

CWE-1188

References

download.schneider-electric.com /files

{
    "lastseen": "",
    "description": "CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials.",
    "published": "2026-05-12T13:59:33.610Z",
    "modified": "2026-05-12T15:43:40.858Z",
    "type": "cve",
    "title": "Initialization of a Resource with an Insecure Default vulnerability on EcoStruxure\u2122 Panel Server",
    "source": "schneider",
    "references": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-132-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-132-04.pdf",
    "id": "CVE-2026-6866",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1188"
    ],
    "cvelist": null,
    "sourceData": "Schneider Electric EcoStruxure\u2122 Panel Server Versions 002.005.000 and prior",
    "sourceHref": "",
    "cvss": {
        "score": 8.2,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EcoStruxure\u2122 Panel Server",
    "version": "Versions 002.005.000 and prior",
    "vendor": "Schneider Electric",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Initialization of a Resource with an Insecure Default vulnerability on EcoStruxure™ Panel Server_CVE-2026-6866