PowerChute has been flagged as vulnerable to CVE-2026-34477, CVE-2026-34478, CVE-2026-34479, CVE-2026-34480
Issue:
PowerChute has been flagged as vulnerable to CVE-2026-34477, CVE-2026-34478, CVE-2026-34479, CVE-2026-34480
Product Lines:
PowerChute Network Shutdown 5.2
PowerChute Serial Shutdown 1.5
Environment:
All supported Operating Systems
Cause:
PowerChute ships with a version of log4j that is less than log4j 2.25.4
Solution:
For PowerChute Network Shutdown version 5.2 on Windows
1 Download the attached zip file "PCNS52_update.zip", uncompress the zip file.
2 Open a command prompt as an administrator.
3 Change directory to the PCNS52_Log4j_Update folder that was created when uncompressing PCNS52_update.zip.
4 Enter the command .\run_update.cmd.
Note: A Linux solution will be provided soon.
For PowerChute Serial Shutdown version 1.5 on Windows
1 Download the attached zip file "PCSS_Log4j_update", uncompress the zip file.
2 Open a command prompt as an administrator.
3 Change directory to the PCNS15_Log4j_Update folder that was created when uncompressing PCSS15_update.zip.
4 Enter the command .\run_update.cmd.
Note: A Linux solution will be provided soon.