CVE-2026-9651 - Vulnerability Details - OpenCVE

CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products

References

Link	Providers
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-160-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-160-02.pdf

History

Thu, 25 Jun 2026 17:00:00 +0000

Type	Values Removed	Values Added
Title		Permission Assignment Flaw Exposes Password Hashes in Schneider Electric Remote Terminals

Thu, 25 Jun 2026 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 25 Jun 2026 15:45:00 +0000

Type	Values Removed	Values Added
Description		CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files.
Weaknesses		CWE-732
References		https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-160-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-160-02.pdf
Metrics		cvssV4_0 `{'score': 6.7, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2026-06-25T14:47:24.496Z

Updated: 2026-06-25T15:49:36.271Z

Reserved: 2026-05-26T19:45:22.354Z

Link: CVE-2026-9651

Vulnrichment

Updated: 2026-06-25T15:49:33.678Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-25T16:45:03Z

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-9651", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "state": "PUBLISHED", "assignerShortName": "schneider", "dateReserved": "2026-05-26T19:45:22.354Z", "datePublished": "2026-06-25T14:47:24.496Z", "dateUpdated": "2026-06-25T15:49:36.271Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2026-06-25T14:47:24.496Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "type": "CWE"}]}], "affected": [{"vendor": "Schneider Electric", "product": "EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller", "versions": [{"status": "affected", "version": "Version 11.06.31 and prior"}], "defaultStatus": "unaffected"}, {"vendor": "Schneider Electric", "product": "Saitel DP Remote Terminal Unit & Controller", "versions": [{"status": "affected", "version": "Version 11.06.37 and prior"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files."}]}], "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-160-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-160-02.pdf"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6.7, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-25T15:49:29.524994Z", "id": "CVE-2026-9651", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-25T15:49:36.271Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-9651", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-25T15:49:29.524994Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-25T15:49:33.678Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.7, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Schneider Electric", "product": "EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller", "versions": [{"status": "affected", "version": "Version 11.06.31 and prior"}], "defaultStatus": "unaffected"}, {"vendor": "Schneider Electric", "product": "Saitel DP Remote Terminal Unit & Controller", "versions": [{"status": "affected", "version": "Version 11.06.37 and prior"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-160-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-160-02.pdf"}], "x_generator": {"engine": "Vulnogram 1.0.2"}, "descriptions": [{"lang": "en", "value": "CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files.", "supportingMedia": [{"type": "text/html", "value": "CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}], "providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2026-06-25T14:47:24.496Z"}}}, "cveMetadata": {"cveId": "CVE-2026-9651", "state": "PUBLISHED", "dateUpdated": "2026-06-25T15:49:36.271Z", "dateReserved": "2026-05-26T19:45:22.354Z", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "datePublished": "2026-06-25T14:47:24.496Z", "assignerShortName": "schneider"}, "dataVersion": "5.2"}