NULL Pointer Dereference Vulnerability in Schneider Electric's HMI Systems
CVE-2026-9716

8.7HIGH

Key Information:

Vendor: Schneider Electric
Status: Powerlogic™ P7
Vendor: CVE Published:; 25 June 2026

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2026-9716?

A NULL Pointer Dereference vulnerability has been identified in Schneider Electric's HMI systems, which could lead to a denial-of-service condition. This issue arises when malformed requests are processed through exposed network interfaces, potentially making the HMI configuration and functionalities unavailable. Users are advised to review their systems and apply necessary precautions to mitigate the risk.

Affected Version(s)

PowerLogic™ P7 Version V02.003.001.000 and prior

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2026
Vulnerability Reserved
May 27, 2026

CVE-2026-9716 Data

JSON