Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Nine High-Severity Flaws in SEL Products

September 6, 2023
Reading Time: 2 mins read
in Alerts

Nine vulnerabilities, four of which are deemed of “high severity,” have been uncovered and patched in Schweitzer Engineering Laboratories’ (SEL) electric power management products by researchers at industrial cybersecurity firm Nozomi Networks.

SEL, a U.S.-based company serving the electric power sector, produces software products like SEL-5030 acSELerator QuickSet and SEL-5037 Grid Configurator for configuring and managing power system protection, control, metering, and monitoring. The most critical vulnerability, CVE-2023-31171, enables arbitrary code execution when an attacker convinces a user to import a specially crafted device configuration file. This flaw can be combined with CVE-2023-31175 to escalate privileges.

Exploitation by malicious insiders or external threat actors through social engineering could lead to data theft, surveillance, device manipulation, and network lateral movement. Another serious issue allows arbitrary command execution and device configuration changes via a link click or by setting up a watering hole that victims are likely to visit. SEL has issued software updates to address these vulnerabilities, following a previous discovery of 19 security holes in their products earlier this year by Nozomi Networks.

These vulnerabilities could potentially enable attackers to tamper with device functionality, manipulate information displayed to operators, and access other systems using the same credentials, posing risks to power infrastructure security.

Source:
  • 9 Vulnerabilities Patched in SEL Power System Management Products
  • 9 New Vulnerabilities Impact Schweitzer Engineering Labs Software Applications on Engineering Workstations
Tags: AlertsAlerts 2023Cyber AlertCyber Alerts 2023CyberattackCybersecurityNozomi NetworksSchweitzer Engineering LaboratoriesSELSeptember 2023USAVulnerabilities
ADVERTISEMENT

Related Posts

Water Curse Group Hits Developers Via GitHub

Water Curse Group Hits Developers Via GitHub

June 17, 2025
Water Curse Group Hits Developers Via GitHub

XDSpy Exploits Windows LNK Zero Day

June 17, 2025
Water Curse Group Hits Developers Via GitHub

CISA Warns Of Apple Zero Click Exploit

June 17, 2025
PyPI Malware Steals AWS, CI/CD, macOS Data

PyPI Malware Steals AWS, CI/CD, macOS Data

June 16, 2025
PyPI Malware Steals AWS, CI/CD, macOS Data

Image Hiding in DNS TXT Records

June 16, 2025
PyPI Malware Steals AWS, CI/CD, macOS Data

IBM Backup Service Flaw Allows Elevated Access

June 16, 2025

Latest Alerts

Water Curse Group Hits Developers Via GitHub

XDSpy Exploits Windows LNK Zero Day

CISA Warns Of Apple Zero Click Exploit

PyPI Malware Steals AWS, CI/CD, macOS Data

IBM Backup Service Flaw Allows Elevated Access

Image Hiding in DNS TXT Records

Subscribe to our newsletter

    Latest Incidents

    Zoomcar Data Breach Hits 8.4 Million Users

    Qilin Gang Leaks Asefa FC Barcelona Data

    Gunra Claims 45TB Hack On Colombia Justice

    Hackers Leak 10K VirtualMacOSX Customer Data

    Canada WestJet Airline Contains Cyberattack

    Washington Post Investigates Cyberattack on Emails

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial