Vulnerabilities > CVE-2023-2265 - Improper Restriction of Rendered UI Layers or Frames vulnerability in Selinc Sel-411L Firmware

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

selinc

CWE-1021

NVD

Published: 2023-11-30

Updated: 2023-12-06

Summary

An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering Laboratories SEL-411L could allow an unauthenticated attacker to perform clickjacking based attacks against an authenticated and authorized user. See product Instruction Manual Appendix A dated 20230830 for more details.

Vulnerable Configurations

Part	Description	Count
OS	Selinc Selinc SEL 411L Firmware R118-V0 Selinc SEL 411L Firmware R119-V0 Selinc SEL 411L Firmware R120-V0 Selinc SEL 411L Firmware R121-V0 Selinc SEL 411L Firmware R122-V0 Selinc SEL 411L Firmware R123-V0 Selinc SEL 411L Firmware R124-V0 Selinc SEL 411L Firmware R125-V0 Selinc SEL 411L Firmware R126-V0 Selinc SEL 411L Firmware R127-V0 Selinc SEL 411L Firmware R128-V0 Selinc SEL 411L Firmware R129-V0	12
Hardware	Selinc Selinc SEL 411L -	1

Common Weakness Enumeration (CWE)

CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

References

https://selinc.com/support/security-notifications/external-reports/