CISA Warns of Three Vulnerabilities in Schneider Electric PowerLogic P7 Platform
CISA disclosed three vulnerabilities in Schneider Electric's PowerLogic P7 protection and control platform, including an OS command injection flaw that could allow unauthorized privileged command execution.
CISA released an advisory on June 25, 2026, detailing three vulnerabilities in Schneider Electric's PowerLogic P7 protection and control platform, a device used in complex electrical network applications across critical infrastructure sectors worldwide. The vulnerabilities—tracked as CVE-2026-9716, CVE-2026-9717, and CVE-2026-9718—affect firmware versions up to 0.2.003.001.000 and could lead to denial of service, unauthorized command execution, and loss of HMI operability.
The most severe flaw, CVE-2026-9717, is an OS command injection vulnerability (CVSS 7.2) that allows an authenticated attacker with elevated privileges to execute arbitrary commands on the device. This could compromise system integrity, confidentiality, and availability, potentially enabling attackers to disrupt critical energy and manufacturing operations. The vulnerability resides in a network-exposed service that processes SOAP requests on ports 8080 and 3702.
CVE-2026-9716 is a NULL pointer dereference (CVSS 7.5) that can be triggered by sending malformed requests over exposed network interfaces, causing a denial-of-service condition that renders the device's HMI and configuration functionality unavailable. CVE-2026-9718 is a reachable assertion bug (CVSS 4.9) that allows an authenticated attacker to trigger a denial-of-service condition via specially crafted requests. Both flaws could disrupt critical control systems.
Schneider Electric has released firmware version V02.004.001 to address all three vulnerabilities. The fix is available for download through the company's Customer Care Center and requires a device reboot. For organizations that cannot immediately apply the patch, CISA recommends restricting network access to ports 8080 and 3702, monitoring for anomalous SOAP requests targeting the wsApp service, and applying least-privilege principles for all users interacting with the PowerLogic P7.
The vulnerabilities were reported to Schneider Electric by Cytrics and coordinated through CISA's industrial control system advisory process. The PowerLogic P7 is deployed globally across commercial facilities, critical manufacturing, and energy sectors, making timely patching essential to prevent operational disruptions.
This advisory follows a series of CISA warnings for Schneider Electric products, including a path traversal flaw in EasyLogic T150 and Saitel DP RTUs (CVE-2026-6865) and an insufficient entropy vulnerability affecting dozens of products across the Easergy, EcoStruxure, PowerLogic, and Saitel lines (CVE-2026-4827). The recurring vulnerabilities highlight the challenges of securing complex industrial control systems that are increasingly connected to enterprise networks.