Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Schweitzer Engineering Laboratories — Vulnerabilities & Security Advisories 60

Browse all 60 CVE security advisories affecting Schweitzer Engineering Laboratories. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Schweitzer Engineering Laboratories (SEL) specializes in digital protection relays, automation, and monitoring systems for electrical power grids. With sixty recorded Common Vulnerabilities and Exposures (CVEs), the company’s software ecosystem has historically been susceptible to remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from web-based configuration interfaces. Privilege escalation vulnerabilities have also been documented, allowing unauthorized users to gain administrative control over critical infrastructure components. While SEL maintains a robust security posture with regular firmware updates, the nature of its industrial control systems makes it a high-value target for state-sponsored actors and cybercriminals seeking to disrupt energy distribution. Notable incidents include the discovery of hardcoded credentials in older relay models, highlighting the challenges of securing legacy industrial equipment. Despite these risks, SEL continues to implement enhanced encryption and access controls to mitigate threats to global power grid stability.

Top products by Schweitzer Engineering Laboratories: SEL-3505 SEL Blueframe OS SEL-5030 acSELerator QuickSet Software SEL-451 SEL-5037 SEL Grid Configurator SEL-411L SEL-5056 Software-Defined Network Flow Controller SEL-5033 AcSELerator RTAC Software SEL-3532 SEL-5036 acSELerator Bay Screen Builder Software SEL-700BT Motor Bus Transfer Relay SEL-5037 Grid Configurator SEL-3350-1
CVE IDTitleCVSSSeverityPublished
CVE-2023-34391 Insecure Inherited Permissions — SEL-5033 AcSELerator RTAC SoftwareCWE-277 7.4 High2023-08-31
CVE-2023-31175 Execution with Unnecessary Privileges — SEL-5037 SEL Grid ConfiguratorCWE-250 8.8 High2023-08-31
CVE-2023-31174 Cross-Site Request Forgery (CSRF) — SEL-5037 SEL Grid ConfiguratorCWE-352 7.4 High2023-08-31
CVE-2023-31173 Use of Hard-coded Credentials — SEL-5037 SEL Grid ConfiguratorCWE-798 7.7 High2023-08-31
CVE-2023-31172 Incomplete Filtering of Special Elements — SEL-5030 acSELerator QuickSet SoftwareCWE-791 5.9 Medium2023-08-31
CVE-2023-31171 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') — SEL-5030 acSELerator QuickSet SoftwareCWE-89 5.9 Medium2023-08-31
CVE-2023-31170 Inclusion of Functionality from Untrusted Control Sphere — SEL-5030 acSELerator QuickSet SoftwareCWE-829 5.9 Medium2023-08-31
CVE-2023-31169 Improper Handling of Unicode Encoding — SEL-5030 acSELerator QuickSet SoftwareCWE-176 4.8 Medium2023-08-31
CVE-2023-31168 Inclusion of Functionality from Untrusted Control Sphere — SEL-5030 acSELerator QuickSet SoftwareCWE-829 5.5 Medium2023-08-31
CVE-2023-31167 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') — SEL-5036 acSELerator Bay Screen Builder SoftwareCWE-22 5.0 Medium2023-08-31
CVE-2023-31166 Improper Limitation of a Pathname to a Restricted Directory — SEL-3505CWE-22 4.1 Medium2023-05-10
CVE-2023-31165 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31164 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31163 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31162 Improper Input Validation in Web Interface — SEL-3505CWE-20 4.8 Medium2023-05-10
CVE-2023-31161 Improper Input Validation in Web Interface — SEL-3532CWE-20 5.9 Medium2023-05-10
CVE-2023-31160 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31159 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31158 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31157 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31156 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31155 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31154 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31153 Improper Neutralization of Input During Web Page Generation — SEL-3505CWE-79 4.3 Medium2023-05-10
CVE-2023-31152 Authentication Bypass Using an Alternate Path or Channel — SEL-3505CWE-288 4.0 Medium2023-05-10
CVE-2023-31151 Improper Certificate Validation — SEL-3505CWE-295 4.7 Medium2023-05-10
CVE-2023-31150 Storing Passwords in a Recoverable Format — SEL-3505CWE-257 8.0 High2023-05-10
CVE-2023-31149 Improper Input Validation in Web Interface — SEL-3505CWE-20 9.1 Critical2023-05-10
CVE-2023-31148 Improper Input Validation in Web Interface — SEL-3505CWE-20 9.1 Critical2023-05-10
CVE-2023-2310 Channel Accessible by Non-Endpoint — SEL-3505CWE-300 6.8 Medium2023-05-10

This page lists every published CVE security advisory associated with Schweitzer Engineering Laboratories. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.