Schneider Electric Firmware Credential Exposure (CWE-522)
CVE-2026-9650 Published on June 25, 2026

CWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when unauthenticated attacker accesses credentials stored within firmware or system files. With this credential an attacker could subsequently compromise the device if they have physical access to the device.

NVD

Weakness Type

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.


Affected Versions

Schneider Electric EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller: Schneider Electric Saitel DP Remote Terminal Unit & Controller: