OTPulse
FeedAboutContact

Saitel DR & Saitel DP Remote Terminal Unit

Monitor6.7SEVD-2025-224-01Aug 12, 2025
Attack VectorLocal
Auth RequiredHigh
ComplexityLow
User InteractionNone needed
Summary

A privilege escalation and arbitrary code execution vulnerability exists in Schneider Electric Saitel DR and Saitel DP Remote Terminal Units due to improper access controls (CWE-269). The Saitel DR RTU is used for data acquisition, communication, automation, and IED integration in distribution, transmission, generation, and railway networks. The Saitel DP RTU is a modular platform for medium and low voltage public distribution and transmission network management. Exploitation could result in denial of service, loss of confidentiality, and loss of integrity of the affected device.

What this means
What could happen
An attacker with high privileges on the device could execute arbitrary code or escalate their own privileges, potentially disrupting field operations, stopping remote terminal unit automation, or causing loss of data integrity in distribution and transmission networks.
Who's at risk
Energy utilities (distribution and transmission operators), transportation/railway automation operators, and anyone managing Schneider Electric Saitel DR or DP Remote Terminal Units. These are field devices that control data acquisition, automation, and integration for electrical distribution networks and railway systems.
How it could be exploited
An attacker who has already gained administrative access to the Saitel DR or DP RTU could exploit improper access controls (CWE-269) to execute arbitrary code or escalate their own privileges within the device firmware, allowing them to modify process behavior or deny service to the RTU.
Prerequisites
  • High-level privileges (administrative/root access) already established on the target RTU
  • Local or direct access to the RTU—this is not a remote network vulnerability
Privilege escalation possibleArbitrary code execution possibleAffects safety-critical distribution and transmission network automationRequires high-level privileges to exploit (reduces risk)
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
Saitel DR RTU≤ 11.06.29HUe Firmware
Saitel DR RTU 11.06.3011.06.30HUe Firmware
Remediation & Mitigation
0/2
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

Saitel DR RTU
HOTFIXUpdate Saitel DR RTU to HUe Firmware version 11.06.30 or later
All products
HOTFIXUpdate Saitel DP RTU firmware to SM_CPU866e version 11.06.35 or later and reboot the device to complete the upgrade
View full Schneider Electric advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/c7402991-0607-4846-aa1d-1a7bc3874b01
Saitel DR & Saitel DP Remote Terminal Unit | CVSS 6.7 - OTPulse