PowerChute has been flagged as vulnerable to CVE-2026-34477, CVE-2026-34478, CVE-2026-34479, CVE-2026-34480

Issue:

PowerChute has been flagged as vulnerable to CVE-2026-34477, CVE-2026-34478, CVE-2026-34479, CVE-2026-34480

Product Lines:

PowerChute Network Shutdown 5.2

PowerChute Serial Shutdown 1.5

Environment:

All supported Operating Systems

Cause:

PowerChute ships with a version of log4j that is less than log4j 2.25.4

Solution:

For PowerChute Network Shutdown version 5.2 on Windows

1 Download the attached zip file "PCNS52_update.zip", uncompress the zip file.

2 Open a command prompt as an administrator.

3 Change directory to the PCNS52_Log4j_Update folder that was created when uncompressing PCNS52_update.zip.

4 Enter the command .\run_update.cmd.

Note: A Linux solution will be provided soon.

For PowerChute Serial Shutdown version 1.5 on Windows

1 Download the attached zip file "PCSS_Log4j_update", uncompress the zip file.

2 Open a command prompt as an administrator.

3 Change directory to the PCNS15_Log4j_Update folder that was created when uncompressing PCSS15_update.zip.

4 Enter the command .\run_update.cmd.

Note: A Linux solution will be provided soon.

Publisert for: Schneider Electric Norway