Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Schweitzer Engineering Laboratories — Vulnerabilities & Security Advisories 60

Browse all 60 CVE security advisories affecting Schweitzer Engineering Laboratories. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Schweitzer Engineering Laboratories (SEL) specializes in digital protection relays, automation, and monitoring systems for electrical power grids. With sixty recorded Common Vulnerabilities and Exposures (CVEs), the company’s software ecosystem has historically been susceptible to remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from web-based configuration interfaces. Privilege escalation vulnerabilities have also been documented, allowing unauthorized users to gain administrative control over critical infrastructure components. While SEL maintains a robust security posture with regular firmware updates, the nature of its industrial control systems makes it a high-value target for state-sponsored actors and cybercriminals seeking to disrupt energy distribution. Notable incidents include the discovery of hardcoded credentials in older relay models, highlighting the challenges of securing legacy industrial equipment. Despite these risks, SEL continues to implement enhanced encryption and access controls to mitigate threats to global power grid stability.

Top products by Schweitzer Engineering Laboratories: SEL-3505 SEL Blueframe OS SEL-5030 acSELerator QuickSet Software SEL-451 SEL-5037 SEL Grid Configurator SEL-411L SEL-5056 Software-Defined Network Flow Controller SEL-5033 AcSELerator RTAC Software SEL-3532 SEL-5036 acSELerator Bay Screen Builder Software SEL-700BT Motor Bus Transfer Relay SEL-5037 Grid Configurator SEL-3350-1
CVE IDTitleCVSSSeverityPublished
CVE-2025-48018 Deserialization of Untrusted Data — SEL-5030 acSELerator QuickSet SoftwareCWE-502 7.5 High2025-05-20
CVE-2025-48017 Improper Limitation of a Pathname to a Restricted Directory — SEL-5056 Software-Defined Network Flow ControllerCWE-22 9.0 Critical2025-05-20
CVE-2025-48016 Improper Control of Interaction Frequency — SEL-5056 Software-Defined Network Flow ControllerCWE-799 4.3 Medium2025-05-20
CVE-2025-48015 Observable Response Discrepancy — SEL-5056 Software-Defined Network Flow ControllerCWE-204 3.7 Low2025-05-20
CVE-2025-48014 Improper Restriction of Excessive Authentication Attempts — SEL-5056 Software-Defined Network Flow ControllerCWE-307 7.5 High2025-05-20
CVE-2025-46743 Cross-Site Request Forgery — SEL Blueframe OSCWE-352 6.3 Medium2025-05-12
CVE-2025-46750 Authentication Bypass — SEL-3350-1CWE-305 4.4 Medium2025-05-12
CVE-2025-46749 Improper Neutralization of Input — SEL Blueframe OSCWE-79 4.3 Medium2025-05-12
CVE-2025-46748 Unverified Password Change — SEL Blueframe OSCWE-620 2.7 Low2025-05-12
CVE-2025-46747 Exposure of Sensitive System Information — SEL Blueframe OSCWE-497 5.7 Medium2025-05-12
CVE-2025-46746 Error Message Contains Sensitive Information — SEL Blueframe OSCWE-209 5.8 Medium2025-05-12
CVE-2025-46745 Improper Privilege Management — SEL Blueframe OSCWE-862 6.5 Medium2025-05-12
CVE-2025-46744 Improper Privilege Management — SEL Blueframe OSCWE-863 2.7 Low2025-05-12
CVE-2025-46742 Improper Access Control — SEL Blueframe OSCWE-521 4.3 Medium2025-05-12
CVE-2025-46741 Improper Privilege Management — SEL Blueframe OSCWE-613 5.7 Medium2025-05-12
CVE-2025-46740 Improper Handling of Insufficient Permissions — SEL Blueframe OSCWE-280 7.5 High2025-05-12
CVE-2025-46739 Improper Restriction of Excessive Authentication Attempts — SEL Blueframe OSCWE-307 8.1 High2025-05-12
CVE-2025-46738 Deserialization of Untrusted Data — SEL-5033 acSELerator RTAC SoftwareCWE-502 6.6 Medium2025-05-12
CVE-2025-46737 Origin Validation Error — SEL-5037 Grid ConfiguratorCWE-346 7.4 High2025-05-12
CVE-2024-2103 Inclusion of Undocumented Features — SEL-700BT Motor Bus Transfer RelayCWE-1242 6.5 Medium2024-04-04
CVE-2023-2267 Improper input validation could lead to reflection injection attacks — SEL-411LCWE-20 4.3 Medium2023-11-30
CVE-2023-2266 Improper neutralization of input during web page generation could lead to cross-site scripting based attacks — SEL-411LCWE-79 4.3 Medium2023-11-30
CVE-2023-2265 Improper restriction of rendered UI layers or frames could lead to clickjacking attack — SEL-411LCWE-1021 4.3 Medium2023-11-30
CVE-2023-2264 Improper input validition could lead to code injection — SEL-411LCWE-20 4.0 Medium2023-11-30
CVE-2023-34390 Improper input validation could lead to denial of service — SEL-451CWE-20 4.5 Medium2023-11-30
CVE-2023-34389 Allocation of resources without limits could lead to denial of service — SEL-451CWE-770 4.5 Medium2023-11-30
CVE-2023-34388 Improper authentication could lead to session hijacking — SEL-451CWE-287 6.5 Medium2023-11-30
CVE-2023-31177 Improper neutralizataion of input could lead to execution of arbitrary code — SEL-451CWE-79 4.3 Medium2023-11-30
CVE-2023-31176 Insufficient entropy vulnerability could lead to authentication bypass — SEL-451CWE-331 7.5 High2023-11-30
CVE-2023-34392 Missing Authentication for Critical Function — SEL-5037 SEL Grid ConfiguratorCWE-306 8.2 High2023-08-31

This page lists every published CVE security advisory associated with Schweitzer Engineering Laboratories. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.