PT-2023-5398 · Schweitzer Engineering Laboratories · Sel-5033 Acselerator Rtac
Reid Wightman
·
Published
2023-08-31
·
Updated
2023-09-06
·
CVE-2023-34391
CVSS v3.1
7.4
High
| Vector | AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L |
Name of the Vulnerable Software and Affected Versions
Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software versions prior to 1.35.151.21000
Description
The issue is related to incorrect permission assignment for a critical resource, allowing an attacker to manipulate data in configuration files. This can be exploited to leverage or manipulate configuration file search paths.
Recommendations
For versions prior to 1.35.151.21000, update to version 1.35.151.21000 or later to resolve the issue. As a temporary workaround, consider restricting access to configuration files and limiting privileges to minimize the risk of exploitation.
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sel-5033 Acselerator Rtac