CVE-2026-1286
Received Received - Intake
Deserialization Vulnerability in Workstation Allows Remote Code Execution

Publication date: 2026-03-10

Last updated on: 2026-03-10

Assigner: Schneider Electric SE

Description
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-10
Last Modified
2026-03-10
Generated
2026-06-16
AI Q&A
2026-03-10
EPSS Evaluated
2026-06-15
NVD
CVE-2026-1286
EUVD
EUVD-2026-10565
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
schneider_electric ecostruxure_foxboro_dcs to CS8.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-1286 is a vulnerability in Schneider Electric's EcoStruxureβ„’ Foxboro DCS product involving CWE-502, which is the deserialization of untrusted data. This vulnerability occurs when an authenticated administrator opens a malicious project file, potentially allowing loss of confidentiality, integrity, and enabling remote code execution on the affected workstation."}] [1]

Impact Analysis

This vulnerability can lead to serious impacts including loss of confidentiality and integrity of data, as well as potential remote code execution on the workstation of an authenticated administrator. This means an attacker could execute arbitrary code with high privileges, potentially compromising the control system and affecting its availability.

Compliance Impact

I don't know

Detection Guidance

Detection of this vulnerability involves monitoring for the opening of malicious project files by authenticated administrator users on workstations running affected versions of EcoStruxureβ„’ Foxboro DCS prior to CS8.1.

While specific commands are not provided in the available resources, general detection methods include verifying the integrity of project files via hashing and monitoring file access logs for unusual activity involving project files.

Network detection can be enhanced by isolating control networks behind firewalls and scanning removable media before use.

Mitigation Strategies

Immediate mitigation steps include applying the patch provided in version CS8.1 of EcoStruxureβ„’ Foxboro DCS, which fixes the vulnerability. A system reboot is required after patching.

  • Only open project files from trusted sources.
  • Verify the integrity of project files using hashing techniques.
  • Encrypt project files and restrict access to authorized users.
  • Use secure communication protocols for transferring project files.
  • Isolate control networks behind firewalls and restrict physical access to controllers.
  • Avoid network connections outside intended networks and scan removable media before use.
  • Use secure remote access methods such as VPNs with up-to-date software.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1286. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart