Cleartext Storage of Sensitive Information Vulnerability in Schneider Electric Product
CVE-2026-6332

6.8MEDIUM

Key Information:

Vendor: Schneider Electric
Status: Ecostruxure™ Machine Expert Hvac
Vendor: CVE Published:; 14 May 2026

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2026-6332?

A vulnerability exists in Schneider Electric's product related to the cleartext storage of sensitive information. This weakness allows an authorized attacker, upon gaining access to the source code, to potentially disclose protected information. The lack of encryption could lead to the loss of confidentiality, risking unauthorized exposure of critical intellectual property.

Affected Version(s)

Ecostruxure™ Machine Expert HVAC Versions prior to 1.10.0

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
Apr 15, 2026

CVE-2026-6332 Data

JSON