CVE-2026-6866
Initialization of a Resource with an Insecure Default vulnerability on EcoStruxure™ Panel Server
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.2EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 may 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Productos afectados
Schneider Electric · EcoStruxure™ Panel Server¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →