Schneider Electric EasyLogic T150 and Saitel DP
Summary
CISA has identified a Path Traversal vulnerability (CVE-2026-6865) affecting Schneider Electric EasyLogic T150 and Saitel DP devices. Successful exploitation allows an attacker to gain unauthorized access to sensitive files.
IFF Assessment
This vulnerability allows attackers to access sensitive files, which is detrimental to defenders.
Severity
The CVSS score of 7.1 reflects a high severity due to the ability of an attacker to gain unauthorized access to sensitive files through improper handling of user-supplied input, leading to a Path Traversal.
Defender Context
This vulnerability affects critical infrastructure sectors like Energy and Critical Manufacturing, with worldwide deployments. Defenders should prioritize patching or mitigating these Schneider Electric devices to prevent unauthorized file access and potential system compromise.