Sensitive Data Leaked to Log Files When Malicious File Executed

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.4

Sensitive Data Leaked to Log Files When Malicious File Executed

CVE-2026-2401

Summary

A vulnerability in the Web Admin interface allows an attacker to trick a user into running a malicious file, which can then expose confidential information to logs. This could potentially lead to sensitive data being visible to unauthorized parties. Organizations using this software should update their logging settings to prevent sensitive information from being written to logs.

Original title

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an...

Original description

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker.

nvd CVSS4.0 2.4

Vulnerability type

CWE-532 Insertion of Sensitive Information into Log File

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-104-01&p_enDoc...

Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026