Unauthorized Disclosure of Password Hashes in Schneider Electric Product
CVE-2026-9651

6.7MEDIUM

Key Information:

Vendor: Schneider Electric
Status: Easylogic T150 (formerly Saitel Dr) Remote Terminal Unit & Controller; Saitel Dp Remote Terminal Unit & Controller
Vendor: CVE Published:; 25 June 2026

🔔 Create Schneider Electric Vulnerability Alert

What is CVE-2026-9651?

This vulnerability allows an attacker with privileged local access to exploit incorrect permission assignments for critical resources in Schneider Electric products. By reading improperly protected system files, attackers can disclose password hashes, which could lead to potential account compromises. Organizations utilizing affected Schneider Electric products should assess their systems for security weaknesses and implement necessary measures to protect sensitive information.

Affected Version(s)

EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller Version 11.06.31 and prior

Saitel DP Remote Terminal Unit & Controller Version 11.06.37 and prior

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

CVSS V4

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2026
Vulnerability Reserved
May 26, 2026

CVE-2026-9651 Data

JSON