CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-9650

criticalcovered by 1 sourcefirst seen 2026-06-30
View CSAF Summary Successful exploitation of these vulnerabilities can allow an attacker to cause unauthorized access and exposure of sensitive information when the unauthenticated attacker accesses credentials stored within firmware or system files. The following versions of Schneider Electric EasyLogic T150 and Saitel DP RTU are affected: EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller <=11.06.30 (CVE-2026-9650) EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller <=11.06.31 (CVE-2026-9651) Saitel DP Remote Terminal Unit & Controller <=11.06.35 (CVE-2026-9650) Saitel DP Remote Terminal Unit & Controller <=11.06.37 (CVE-2026-9651) CVSS Vendor Equipment Vulnerabilities v3 7.5 Schneider Electric Schneider Electric EasyLogic T150 and Saitel DP RTU Insufficiently Protected Credentials, Incorrect Permission Assignment for Critical Resource Background Critical Infrastructure Sectors: Critical Manufacturing, Energy Countries/Areas Deployed: Worldwide Company Headquarters Location: France Vulnerabilities Expand All + CVE-2026-9650 CWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when unauthenticated attacker accesses credentials stored within firmware or system files.With this credential an attacker could subsequently compromise the device if they have physical access to the device. View CVE Details Affected Products Schneider Electric EasyLogic T150 and Saitel DP RTU Vendor: Schneider Electric Product Version: Schneider Electric EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller: <=11.06.30, Schneider Electric Saitel DP Remote Terminal Unit & Controller: <=11.06.35 Product Status: known_affected Remediations Vendor fix Schneider Electric has identified the following specific workarounds and mitigations users can apply to reduce risk: (CVE-2026-9650) EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller Firmware (<=1

CSIRTS triage

vendor: Schneider Electricproduct: EasyLogic T150 and Saitel DP RTUInformation disclosureOtheraffected: <=11.06.30 for EasyLogic T150, <=11.06.35 for Saitel DP RTU
What
Exploitation can lead to unauthorized access and exposure of sensitive information.
Who is affected
Users of EasyLogic T150 and Saitel DP RTU with affected versions.
Urgency
Remediation is critical due to the potential for unauthorized access.
Action
Update to versions above the specified limits.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-9650

Get an email if CVE-2026-9650 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-9650

CVE.org record

Embed the live status

CVE-2026-9650 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-9650 status](https://www.csirts.com/badge/CVE-2026-9650)](https://www.csirts.com/cve/CVE-2026-9650)