8.7

CVE-2026-9650

CWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when unauthenticated attacker accesses credentials stored within firmware or system files. With this credential an attacker could subsequently compromise the device if they have physical access to the device.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerSchneider Electric
Produkt EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller
Default Statusunaffected
Version Version 11.06.30 and prior
Status affected
HerstellerSchneider Electric
Produkt Saitel DP Remote Terminal Unit & Controller
Default Statusunaffected
Version Version 11.06.35 and prior
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.159
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
cybersecurity@se.com 8.7 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-522 Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-160-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-160-02.pdf