Home
HIGH: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:NDefault status
unaffected
Versions D6.x
affected
Versions D7.33 and prior
affected
Default status
unaffected
Version 1.1.17 and prior
affected
Default status
unaffected
P139 version prior to P139.678.700
affected
P437 version prior to P437.678.700
affected
P439 version prior to P439.678.700
affected
P532 version prior to P532.678.700
affected
P539 version prior to P539.678.700
affected
P631 version prior to P631.678.700
affected
P632 version prior to P632.678.700
affected
P633 version prior to P633.678.700
affected
P634 version prior to P634.678.700
affected
P633 version P633.680.700 only
affected
P634 version P634.680.700 only
affected
P138 version prior to P138.677.700
affected
P436 version prior to P436.677.701
affected
P438 version prior to P438.677.701
affected
P638 version prior to P638.677.700
affected
C434 version prior to C434.679.700
affected
Default status
unaffected
Series model numbers with Protocol Option bit as G, H or L and all firmware versions
affected
Default status
unaffected
Version 6.4.616.200.100 and prior
affected
Default status
unaffected
Version 3.0.3 and prior
affected
Default status
unaffected
Version 2022 CU6 and prior
affected
Version 2024 CU2 and prior
affected
Default status
unaffected
Version 64.2025.0.13 and prior
affected
Default status
unaffected
V02.502.103 and prior
affected
Default status
unaffected
V02.002.002 and prior
affected
Default status
unaffected
Version 2.9.4 and prior
affected
Default status
unaffected
Version 11.08.02 and prior
affected
Default status
unaffected
Version 11.06.36 and prior
affected
Default status
unaffected
Version 11.06.30 and prior
affected
Description
CWE‑331: Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session‑management protections.
Problem types
Product status
Versions D6.x
Versions D7.33 and prior
Version 1.1.17 and prior
P139 version prior to P139.678.700
P437 version prior to P437.678.700
P439 version prior to P439.678.700
P532 version prior to P532.678.700
P539 version prior to P539.678.700
P631 version prior to P631.678.700
P632 version prior to P632.678.700
P633 version prior to P633.678.700
P634 version prior to P634.678.700
P633 version P633.680.700 only
P634 version P634.680.700 only
P138 version prior to P138.677.700
P436 version prior to P436.677.701
P438 version prior to P438.677.701
P638 version prior to P638.677.700
C434 version prior to C434.679.700
Series model numbers with Protocol Option bit as G, H or L and all firmware versions
Version 6.4.616.200.100 and prior
Version 3.0.3 and prior
Version 2022 CU6 and prior
Version 2024 CU2 and prior
Version 64.2025.0.13 and prior
V02.502.103 and prior
V02.002.002 and prior
Version 2.9.4 and prior
Version 11.08.02 and prior
Version 11.06.36 and prior
Version 11.06.30 and prior
References
download.schneider-electric.com/...Name=SEVD-2026-132-02.pdf