CVE-2026-9716
Analyzed
Analyzed - Analysis Complete
NULL Pointer Dereference in Device HMI Configuration Interface
Vulnerability report for CVE-2026-9716, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-06-25
Last updated on: 2026-07-01
Assigner: Schneider Electric SE
Description
Description
CWE-476 NULL Pointer Dereference vulnerability exists that could cause a denial-of-service condition, rendering the deviceβs HMI and configuration functionality unavailable when malformed requests are received over exposed network interfaces.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| schneider-electric | powerlogic_p7_firmware | to 02.004.001.000 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |