Vulnerabilities > CVE-2023-31168 - Inclusion of Functionality from Untrusted Control Sphere vulnerability in Selinc Sel-5030 Acselerator Quickset 7.1.3.0

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

selinc

CWE-829

NVD

Published: 2023-08-31

Updated: 2023-09-05

Summary

An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0.

Vulnerable Configurations

Part	Description	Count
Application	Selinc Selinc SEL 5030 Acselerator Quickset - Selinc SEL 5030 Acselerator Quickset 7.1.3.0	2

Common Weakness Enumeration (CWE)

CWE-829 - Inclusion of Functionality from Untrusted Control Sphere

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References