VDB
SEVD-2026-104-02
SEVD-2026-104-02
PUBLISHED
CVSS 9 CRITICAL
Schneider Electric is aware of a RADIUS protocol vulnerability affecting its Modicon Network Managed Switch product. The Modicon Network Managed Switch product provides connectivity for multiple Ethernet devices, network management, enhanced cyber security and more advanced switching features. Failure to apply the mitigation provided below may risk forgery attacks in RADIUS Protocol, which could result in modification of any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response which could result in the possibility of denial of service and loss of confidentiality, integrity of the devices connected to the switch.
Risk Scores
CVSS v3.1
9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Modicon Managed Switches All Versions | ||
| Connexium Managed Switches All Versions | ||
| Modicon Redundancy Switches All Versions |
Timeline
- Apr 14, 2026 CVE Published
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-104-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-104-02.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-104-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2026-104-02.json advisory
- https://www.se.com/ww/en/download/document/7EN52-0390/ url