Vulnerabilities > Selinc > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-31176 | Insufficient Entropy vulnerability in Selinc Sel-451 Firmware An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details. | 9.8 |
| 2023-11-30 | CVE-2023-34388 | Improper Authentication vulnerability in Selinc Sel-451 Firmware An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details. | 9.8 |
| 2023-08-31 | CVE-2023-31175 | Improper Privilege Management vulnerability in Selinc Sel-5037 SEL Grid Configurator An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. | 9.8 |
| 2018-07-24 | CVE-2018-10600 | XXE vulnerability in Selinc Acselerator Architect 2.2.24.0 SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of service attacks. | 9.8 |
| 2017-08-07 | CVE-2017-7928 | Unspecified vulnerability in Selinc Sel-3620 Firmware and Sel-3622 Firmware An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. | 10.0 |