Insufficiently Protected Credentials Vulnerability in Schneider Electric Devices
CVE-2026-9650

8.7HIGH

Key Information:

Vendor: Schneider Electric
Status: Easylogic T150 (formerly Saitel Dr) Remote Terminal Unit & Controller; Saitel Dp Remote Terminal Unit & Controller
Vendor: CVE Published:; 25 June 2026

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2026-9650?

This vulnerability involves inadequate protection of sensitive credentials stored within firmware or system files, allowing unauthorized access by attackers. If an unauthenticated attacker gains access to these credentials, they could compromise the device, particularly if they have physical access. This poses a significant risk as it may lead to the exposure of sensitive information and the integrity of the device being undermined.

Affected Version(s)

EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller Version 11.06.30 and prior

Saitel DP Remote Terminal Unit & Controller Version 11.06.35 and prior

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2026
Vulnerability Reserved
May 26, 2026

CVE-2026-9650 Data

JSON