PT-2023-23182 · Schweitzer Engineering Laboratories · Sel Rtac
Andrea Palanca
·
Publicado
2023-05-10
·
Atualizado
2023-05-17
·
CVE-2023-31149
CVSS v3.1
9.1
Crítica
| Vetor | AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) (affected versions not specified)
Description
An Improper Input Validation issue in the SEL RTAC Web Interface could allow a remote authenticated attacker to execute arbitrary code. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the possibility of executing arbitrary code through improper input validation in the web interface.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sel Rtac