PatchSiren cyber security CVE debrief
CVE-2016-5815 Schneider Electric CVE debrief
CVE-2016-5815 is a critical access-control weakness in several Schneider Electric ION-series power meters. According to NVD, authentication is not configured by default, allowing an unauthorized user to access the device management portal and make configuration changes. The issue is associated with multiple ION product families used in operational environments, so exposure of the management interface can directly affect device integrity and operational reliability.
- Vendor: Schneider Electric
- Product: CVE-2016-5815
- CVSS: CRITICAL 9.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-02-13
- Original CVE updated: 2026-05-13
- Advisory published: 2017-02-13
- Advisory updated: 2026-05-13
Who should care
OT/ICS operators, utility and industrial asset owners, network and control-system administrators, and anyone responsible for Schneider Electric ION power meters in critical infrastructure or facilities environments.
Technical summary
NVD maps this issue to CWE-284 (Improper Access Control) and rates it CVSS 3.0 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The affected product set in the record includes Schneider Electric ION5000, ION7300, ION7500, ION7600, ION8650, and ION8800, while the CVE description also names ION73XX, ION75XX, ION76XX, ION8650, ION8800, and PM5XXX series. The core weakness is that the device management portal can be reached without authentication being configured by default, enabling unauthorized configuration changes over the network.
Defensive priority
Urgent. This is a remotely reachable, no-authentication access-control issue with high impact to confidentiality, integrity, and availability, and it affects industrial power-meter management interfaces.
Recommended defensive actions
- Identify whether any Schneider Electric ION-series meters are deployed, especially ION73XX, ION75XX, ION76XX, ION8650, ION8800, PM5XXX, and the related NVD CPE families.
- Restrict network access to the device management portal to trusted administrative hosts and management segments only.
- Ensure authentication is enabled and enforced wherever the product supports it; do not leave management interfaces exposed with default no-auth settings.
- Apply vendor and ICS-CERT guidance referenced in the advisory record, and verify whether any device firmware or configuration remediation is available for your deployed model.
- Monitor for unexpected configuration changes and administrative access attempts on meter management interfaces.
- Segment OT/ICS networks so that general user or enterprise traffic cannot directly reach meter administration services.
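A first-pass inventory triage for the identification and network-restriction steps above, as an added example that is not part of the advisory or any vendor tooling. It matches free-text model strings against the families named on this page and flags affected meters whose address falls outside a management subnet. The CSV columns, the `10.20.0.0/24` subnet, the sample rows and the function names are all assumptions made for illustration.

```python
import csv
import io
import ipaddress
import re

# Families named on this page: CVE description patterns plus the NVD product set.
AFFECTED = ["ION73XX", "ION75XX", "ION76XX", "ION8650", "ION8800",
            "PM5XXX", "ION5000", "ION7300", "ION7500", "ION7600"]
# Assumption: constructed management subnet; replace with your own segment.
MGMT_NET = ipaddress.ip_network("10.20.0.0/24")

def family_regex(pattern):
    """Turn an advisory-style name (trailing X = any digit) into a regex."""
    prefix, digits, wild = re.fullmatch(r"([A-Z]+)(\d+)(X*)", pattern).groups()
    # Allow "ION 7650" / "ION-7650"; reject longer numbers such as ION75500.
    return re.compile(rf"\b{prefix}[\s-]?{digits}\d{{{len(wild)}}}(?!\d)", re.I)

MATCHERS = [(name, family_regex(name)) for name in AFFECTED]

def affected_family(model):
    """Return the first matching family name, or None if the model is not listed."""
    for name, rx in MATCHERS:
        if rx.search(model):
            return name
    return None

def triage(inventory_csv):
    """Return affected rows, marking those addressed outside the management subnet."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        family = affected_family(row["model"])
        if family is None:
            continue
        outside = ipaddress.ip_address(row["ip"]) not in MGMT_NET
        findings.append({"host": row["host"], "family": family,
                         "outside_mgmt_segment": outside})
    return findings

# Constructed sample inventory (hostnames and addresses are not real).
SAMPLE = """host,model,ip
meter-01,PowerLogic ION7650,10.20.0.15
meter-02,ion 8650A,192.168.5.40
meter-03,PM5560,10.20.0.16
meter-04,ION9000,10.20.0.17
ups-01,Smart-UPS 1500,192.168.5.41
meter-05,ION7300,172.16.9.8
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

A meter addressed inside the management subnet is still affected: placement says nothing about whether authentication has been enabled on the device, so every match needs its configuration checked.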
Evidence notes
NVD describes the issue as a default no-authentication condition that lets an unauthorized user access the management portal and change configuration. The record assigns CVSS 3.0 9.8 and CWE-284, and the CVE references point to ICS-CERT advisory ICSA-16-308-03 and a SecurityFocus BID entry. The CVE publishedAt timestamp is 2017-02-13T21:59:00.503Z; NVD modifiedAt is 2026-05-13T00:24:29.033Z. No patch or remediation details beyond advisory references were present in the supplied corpus.
Official resources
- CVE-2016-5815 CVE record (CVE.org)
- CVE-2016-5815 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference (Third Party Advisory, VDB Entry)
- Mitigation or vendor reference (Third Party Advisory, US Government Resource)
Publicly disclosed in the CVE record on 2017-02-13 and later modified in NVD on 2026-05-13. Use the CVE publication date for issue timing; do not treat later processing dates as the vulnerability date.