Schneider Electric Firmware Credential Exposure (CWE-522)
CVE-2026-9650 Published on June 25, 2026
CWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when unauthenticated attacker accesses credentials stored within firmware or system files. With this credential an attacker could subsequently compromise the device if they have physical access to the device.
Weakness Type
Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Affected Versions
Schneider Electric EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller:- Version Version 11.06.30 and prior is affected.
- Version Version 11.06.35 and prior is affected.