CVE-2026-1286
CWE-502 · Published: March 10, 2026 · Updated: Mar 11, 2026
Official Description
CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file.
Technical Analysis
CVE-2026-1286 requires local access, meaning attackers must already have a foothold on the target system.
Exploitation requires high privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
From a weakness classification perspective (CWE-502): Insecure deserialization vulnerabilities allow attackers to inject malicious objects during deserialization, potentially enabling remote code execution.
News & Research Mentioning CVE-2026-1286
Summary (source: CISA Alerts): Schneider Electric is aware of a vulnerability in its EcoStruxure Foxboro DCS Control Software on Foxboro DCS workstations and servers. Control Core Services and all runtime software, like FCPs, FDCs, and FBMs, are not affected. The EcoStruxure Foxboro DCS ([https://www.se.com/ww/en/product-range/63680-ecostruxure-foxboro-dcs/](https://www.se.com/ww/en/product-range/63680-ecostruxure-foxboro-dcs/)) product is an innovative family of fault-tolerant, highly available control components, which consolidates critical information and elevates staff capabilities to ensure flawless, continuous plant operation. Failure to apply the remediation provided below may risk deserialization of untrusted data, which could result in loss of confidenti
Recommended Actions
- Apply vendor patches immediately
- Monitor CVE-2026-1286 in threat intel feeds
- Review IDS/IPS signatures for exploitation attempts