Schneider Electric EasyLogic T150 and Saitel DP RTU
View CSAF Summary Successful exploitation of these vulnerabilities can allow an attacker to cause unauthorized access and exposure of sensitive information when the unauthenticated attacker accesses credentials stored within firmware or system files. The following versions of Schneider Electric EasyLogic T150 and Saitel DP RTU are affected: EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller <=11.06.30 (CVE-2026-9650) EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller <=11.06.31 (CVE-2026-9651) Saitel DP Remote Terminal Unit & Controller <=11.06.35 (CVE-2026-9650) Saitel DP Remote Terminal Unit & Controller <=11.06.37 (CVE-2026-9651) CVSS Vendor Equipment Vulnerabilities v3 7.5 Schneider Electric Schneider Electric EasyLogic T150 and Saitel DP RTU Insufficiently Protected Credentials, Incorrect Permission Assignment for Critical Resource Background Critical Infrastructure Sectors: Critical Manufacturing, Energy Countries/Areas Deployed: Worldwide Company Headquarters Location: France Vulnerabilities Expand All + CVE-2026-9650 CWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when unauthenticated attacker accesses credentials stored within firmware or system files.With this credential an attacker could subsequently compromise the device if they have physical access to the device. View CVE Details Affected Products Schneider Electric EasyLogic T150 and Saitel DP RTU Vendor: Schneider Electric Product Version: Schneider Electric EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller: <=11.06.30, Schneider Electric Saitel DP Remote Terminal Unit & Controller: <=11.06.35 Product Status: known_affected Remediations Vendor fix Schneider Electric has identified the following specific workarounds and mitigations users can apply to reduce risk: (CVE-2026-9650) EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller Firmware (<=1
CSIRTS triage
- What
- Exploitation can lead to unauthorized access and exposure of sensitive information.
- Who is affected
- Users of EasyLogic T150 and Saitel DP RTU with affected versions.
- Urgency
- Remediation is critical due to the potential for unauthorized access.
- Action
- Update to versions above the specified limits.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch EasyLogic T150 and Saitel DP RTU
Get an email when a new EasyLogic T150 and Saitel DP RTU advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-26-181-04
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-96500.25% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 16% of all scored CVEs.
- Low exploitation riskCVE-2026-96510.11% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 1% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-9650 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-9651 | coverage & exploitation status | NVD · CVE.org |
More from CISA Cybersecurity Advisories
- highCISA Adds Two Known Exploited Vulnerabilities to Catalog2026-07-10
- criticalOpenPLC v32026-07-09
- criticalSchneider Electric PowerChute Serial Shutdown2026-07-09
- criticalSchneider Electric Easergy MiCOM Px40 Series2026-07-09
- highCISA Adds One Known Exploited Vulnerability to Catalog2026-07-07