Skip to main content

EasyLogic T150 CVE-2026-9650

| EUVDEUVD-2026-39430 HIGH
Insufficiently Protected Credentials (CWE-522)
2026-06-25 schneider GHSA-w2q4-93g6-j5vm
8.7
CVSS 4.0 · Vendor: schneider
Share

Severity by source

Vendor (schneider) PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
6.2 MEDIUM

Extracting credentials from firmware/system files and the stated physical-access requirement imply local proximity (AV:L), no auth (PR:N), and confidentiality-only impact (C:H, I/A:N).

3.1 AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (schneider).

CVSS VectorVendor: schneider

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 25, 2026 - 16:21 vuln.today

DescriptionCVE.org

CWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when unauthenticated attacker accesses credentials stored within firmware or system files. With this credential an attacker could subsequently compromise the device if they have physical access to the device.

AnalysisAI

Credential exposure in Schneider Electric EasyLogic T150 (formerly Saitel DR) and Saitel DP Remote Terminal Units & Controllers allows an unauthenticated attacker to recover credentials that are insufficiently protected within device firmware or system files (CWE-522). The recovered credentials can then be used to fully compromise the device when the attacker also has physical access. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain access to device firmware or system files
Delivery
Extract insufficiently protected stored credentials
Exploit
Obtain physical access to RTU
Execution
Authenticate with recovered credentials
Impact
Compromise device and controlled process

Vulnerability AssessmentAI

Exploitation The credential-disclosure step requires the attacker to access credentials stored within the device firmware or system files of the EasyLogic T150 / Saitel DP RTU - i.e., the attacker must be able to read those firmware images or system files. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are partially conflicting and should be reconciled before prioritization. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker obtains a firmware image or reads system files from a Saitel DP / EasyLogic T150 RTU and extracts the insufficiently protected credentials stored within. With those credentials and physical access to the field device, the attacker authenticates and takes control of the RTU to manipulate the controlled process. …
Remediation Apply the fixed firmware/version specified in Schneider Electric advisory SEVD-2026-160-02 (https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-160-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-160-02.pdf); no exact fixed version number is provided in the supplied data, so treat the advisory as the authoritative source for the patched build and rotate any credentials that may have been exposed after updating. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all EasyLogic T150 and Saitel DP devices in operation and assess physical security controls around affected systems. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-9650 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy