{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"EcoStruxure Power Automation System Gateway (EPAS-GTW) versions ant\u00e9rieures ou \u00e9gales \u00e0 6.4.616.200.100","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P532 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P532.678.700 pour la vuln\u00e9rabilit\u00e9 CVE-2026-4827","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Process Expert 2023 versions ant\u00e9rieures \u00e0 4.8.0.5715","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P634 versions ant\u00e9rieures \u00e0 P634.680.700","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Panel Server PAS800V2 versions ant\u00e9rieures ou \u00e9gales \u00e0 002.005.000","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P138 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P138.677.700","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P40 Series toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2026-4827","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P631 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P631.678.700 pour la vuln\u00e9rabilit\u00e9 CVE-2026-4827","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P638 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P638.677.700 pour la vuln\u00e9rabilit\u00e9 CVE-2026-4827","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Process Expert for AVEVA System Platform versions ant\u00e9rieures \u00e0 2023","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P632 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P632.678.700","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Power Automation System User Interface (EPAS-UI) versions ant\u00e9rieures ou \u00e9gales \u00e0 3.0.3 pour la vuln\u00e9rabilit\u00e9 CVE-2026-4827","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P539 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P539.678.700","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P634 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P634.678.700","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P436 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P436.677.701 pour la vuln\u00e9rabilit\u00e9 CVE-2026-4827","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM C264 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 D7.33","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P439 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P439.678.700","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Panel Server PAS600 versions ant\u00e9rieures ou \u00e9gales \u00e0 002.005.000","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy C5 versions ant\u00e9rieures ou \u00e9gales \u00e0 1.1.17","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P139 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P139.678.700 pour la vuln\u00e9rabilit\u00e9 CVE-2026-4827","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P437 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P437.678.700 pour la vuln\u00e9rabilit\u00e9 CVE-2026-4827","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P438 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P438.677.701 pour la vuln\u00e9rabilit\u00e9 CVE-2026-4827","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Panel Server PAS400 versions ant\u00e9rieures ou \u00e9gales \u00e0 002.005.000","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Panel Server PAS600V2 versions ant\u00e9rieures ou \u00e9gales \u00e0 002.005.000","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM C434 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 C434.679.700","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Ecostruxure Machine Expert HVAC versions ant\u00e9rieures \u00e0 1.10.0","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Process Expert versions ant\u00e9rieures \u00e0 2020 R2 pour la vuln\u00e9rabilit\u00e9 CVE-2025-0327","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Process Expert for AVEVA System Platform versions ant\u00e9rieures \u00e0 2021","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P633 versions ant\u00e9rieures \u00e0 P633.680.700","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Process Expert for AVEVA System Platform versions ant\u00e9rieures \u00e0 2020 R2","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Power Operation vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 2024 CU2","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Power Operation vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 2022 CU6","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Easergy MiCOM P633 vers:generic/ versions ant\u00e9rieures ou \u00e9gales \u00e0 P633.678.700","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Panel Server PAS800 versions ant\u00e9rieures ou \u00e9gales \u00e0 002.005.000","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"EcoStruxure Process Expert versions ant\u00e9rieures \u00e0 2021 pour la vuln\u00e9rabilit\u00e9 CVE-2025-0327","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}}],"affected_systems_content":null,"content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2026-6866","url":"https://www.cve.org/CVERecord?id=CVE-2026-6866"},{"name":"CVE-2025-0327","url":"https://www.cve.org/CVERecord?id=CVE-2025-0327"},{"name":"CVE-2026-4827","url":"https://www.cve.org/CVERecord?id=CVE-2026-4827"},{"name":"CVE-2026-6332","url":"https://www.cve.org/CVERecord?id=CVE-2026-6332"}],"links":[],"reference":"CERTFR-2026-AVI-0566","revisions":[{"description":"Version initiale","revision_date":"2026-05-12T00:00:00.000000"}],"risks":[{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Schneider Electric. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es.","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric","vendor_advisories":[{"published_at":"2026-05-12","title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2026-132-02","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-132-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-132-02.pdf"},{"published_at":"2026-05-12","title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2026-132-04","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-132-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-132-04.pdf"},{"published_at":"2026-05-12","title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2025-042-03","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-042-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-042-03.pdf"},{"published_at":"2026-05-12","title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2026-132-01","url":"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-132-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-132-01.pdf"}]}