DIRECTORY

  • Alerts
  • APTs
  • Blog
  • Books
  • Certifications
  • Cheat Sheets
  • Courses
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Definitions
  • Domains
  • Entertainment
  • FAQ
  • Frameworks
  • Hardware Tools
  • Incidents
  • Malware
  • News
  • Papers
  • Podcasts
  • Quotes
  • Reports
  • Tools
  • Threats
  • Tutorials
No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
Talk To An Expert
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
Talk To An Expert
CyberMaterial
Home Alerts

Nine High-Severity Flaws in SEL Products

September 6, 2023
Reading Time: 2 mins read
in Alerts

Nine vulnerabilities, four of which are deemed of “high severity,” have been uncovered and patched in Schweitzer Engineering Laboratories’ (SEL) electric power management products by researchers at industrial cybersecurity firm Nozomi Networks.

SEL, a U.S.-based company serving the electric power sector, produces software products like SEL-5030 acSELerator QuickSet and SEL-5037 Grid Configurator for configuring and managing power system protection, control, metering, and monitoring. The most critical vulnerability, CVE-2023-31171, enables arbitrary code execution when an attacker convinces a user to import a specially crafted device configuration file. This flaw can be combined with CVE-2023-31175 to escalate privileges.

Exploitation by malicious insiders or external threat actors through social engineering could lead to data theft, surveillance, device manipulation, and network lateral movement. Another serious issue allows arbitrary command execution and device configuration changes via a link click or by setting up a watering hole that victims are likely to visit. SEL has issued software updates to address these vulnerabilities, following a previous discovery of 19 security holes in their products earlier this year by Nozomi Networks.

These vulnerabilities could potentially enable attackers to tamper with device functionality, manipulate information displayed to operators, and access other systems using the same credentials, posing risks to power infrastructure security.

Source:
  • 9 Vulnerabilities Patched in SEL Power System Management Products
  • 9 New Vulnerabilities Impact Schweitzer Engineering Labs Software Applications on Engineering Workstations
Tags: AlertsAlerts 2023CyberattackCybersecurityNozomi NetworksSchweitzer Engineering LaboratoriesSELSeptember 2023USAVulnerabilities
28
VIEWS
ADVERTISEMENT

Related Posts

Critical WordPress Plugin Flaws

Critical WordPress Plugin Flaws

September 29, 2023
Cisco Warns of Critical SD-WAN Flaw

Cisco Warns of Critical SD-WAN Flaw

September 29, 2023
Malicious Packages on npm and PyPI

Malicious Packages on npm and PyPI

September 29, 2023
Critical WordPress Plugin Flaws

Critical SharePoint Vulnerabilities Revealed

September 29, 2023

More Articles

Incidents

IT Services Provider Hit by Donut Gang

September 22, 2023
Alerts

Chinese-Language Phishing Campaigns

September 20, 2023
Cyber Briefing

September 22, 2023 – Cyber Briefing

September 22, 2023
Cyber Briefing

September 21, 2023 – Cyber Briefing

September 21, 2023

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Alerts
  • Incidents
  • News
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
    • Tutorials
  • Report Cyber Incident
  • GET HELP
  • Contact Us

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.