CVE-2026-9651 in EasyLogic T150 Remote Terminal Unit & Controller
Summary
by MITRE • 06/25/2026
CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 06/25/2026
This vulnerability represents a critical misconfiguration in system security where improper permission assignments allow unauthorized access to sensitive resources. The flaw occurs when system files containing password hashes or authentication data are not properly secured with appropriate access controls, creating a pathway for privilege escalation attacks. According to CWE-732 standards, this weakness specifically addresses scenarios where critical system resources receive insufficient permission restrictions, enabling malicious actors with local access privileges to read sensitive information that should remain protected.
The technical implementation of this vulnerability typically manifests when system administrators or security configurations fail to properly set file permissions on authentication databases, password hash files, or credential storage locations. These resources often include files such as /etc/shadow, /etc/passwd, or application-specific database files containing hashed passwords. When these files are accessible with read permissions to users or processes that should not have such access, attackers can extract the password hashes and potentially perform offline cracking attacks to recover plaintext credentials.
From an operational perspective, this vulnerability creates a severe risk of account compromise and lateral movement within affected systems. The impact extends beyond simple credential theft as compromised password hashes can enable attackers to maintain persistent access, conduct pass-the-hash attacks, or escalate privileges to gain administrative control over affected systems. This weakness aligns with multiple ATT&CK techniques including privilege escalation through access token manipulation and credential access via valid accounts, making it particularly dangerous in enterprise environments where local access might be obtained through various legitimate means.
The security implications of this vulnerability are compounded by the fact that it often goes undetected for extended periods due to insufficient monitoring and audit procedures. Organizations typically focus on external attack vectors while neglecting internal privilege misconfigurations that provide attackers with immediate access to critical system resources. Effective mitigation strategies must include comprehensive permission auditing, implementation of principle of least privilege models, regular security configuration reviews, and continuous monitoring of file access patterns for anomalous behavior. Additionally, automated tools should be deployed to identify and remediate improper permission assignments across all system components while maintaining compliance with security frameworks such as CIS benchmarks and NIST cybersecurity guidelines.
The vulnerability demonstrates how fundamental security misconfigurations can create cascading effects throughout an organization's security posture, emphasizing the critical importance of proper access control implementation and regular security assessments. Organizations must implement robust configuration management processes that ensure all critical resources receive appropriate permission assignments and that these controls are regularly validated through penetration testing and security audits to prevent exploitation by malicious actors seeking unauthorized system access.