CVE-2026-4827 is a session hijacking vulnerability affecting more than 30 Schneider Electric OT product lines including protection relays, power automation gateways, and energy management platforms deployed across energy, water, critical manufacturing, and chemical sectors. Network-adjacent attackers with no credentials can predict or brute-force session tokens to take over authenticated management sessions; patching is available for most but not all affected products, and several MiCOM P30 series models remain unpatched with vendor mitigations as the only available defense.