PowerChute Network Shutdown Linux Virtual Machine has been flagged for CVE-2026-31431
Issue:
The PowerChute Network Shutdown Linux Virtual Machine has been flagged for CVE-2026-31431.
Product:
PowerChute Network Shutdown
Environment:
PowerChute Network Shutdown Linux Virtual Machine.
Cause:
An issue was discovered in the Linux kernel's algif_aead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker may exploit this flaw to corrupt the contents of system files and gain root privileges.
See https://nvd.nist.gov/vuln/detail/CVE-2026-31431
Solution:
Update the Linux system as recommended in the PowerChute Network Shutdown Security Handbook and Installation Guide.
1- To update the system log in to the PowerChute Linux VM as root and run the command dnf update.
2- When the command runs, you will be prompted to accept the update. Note that the update installation packages and upgrade packages will vary.
Released for: Schneider Electric Belgium
Need help?
Get a Quote
Start your sales inquiry online and an expert will connect with you.
Where to buy?
Easily find the nearest Schneider Electric distributor in your location.
Help Center
Find support resources for all your needs, in one place.