CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files.

Project Subscriptions

Vendors Products
Schneider Electric Subscribe
Easylogic T150 (formerly Saitel Dr) Remote Terminal Unit & Controller Subscribe
Saitel Dp Remote Terminal Unit & Controller Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 26 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Schneider Electric
Schneider Electric easylogic T150 (formerly Saitel Dr) Remote Terminal Unit & Controller
Schneider Electric saitel Dp Remote Terminal Unit & Controller
Vendors & Products Schneider Electric
Schneider Electric easylogic T150 (formerly Saitel Dr) Remote Terminal Unit & Controller
Schneider Electric saitel Dp Remote Terminal Unit & Controller

Thu, 25 Jun 2026 17:00:00 +0000

Type Values Removed Values Added
Title Permission Assignment Flaw Exposes Password Hashes in Schneider Electric Remote Terminals

Thu, 25 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 25 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Description CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files.
Weaknesses CWE-732
References
Metrics cvssV4_0

{'score': 6.7, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published:

Updated: 2026-06-25T15:49:36.271Z

Reserved: 2026-05-26T19:45:22.354Z

Link: CVE-2026-9651

cve-icon Vulnrichment

Updated: 2026-06-25T15:49:33.678Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T09:37:15Z

Weaknesses