A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator.
See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.
This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20.
References
Link | Resource |
---|---|
https://selinc.com/support/security-notifications/external-reports/ | Vendor Advisory |
https://www.nozominetworks.com/blog/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: SEL
Published: 2023-08-31T15:31:57.140Z
Updated: 2023-08-31T15:31:57.140Z
Reserved: 2023-06-02T17:18:29.697Z
Link: CVE-2023-34392
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-08-31T16:15:10.123
Modified: 2023-09-05T16:27:51.523
Link: CVE-2023-34392
JSON object: View
Redhat Information
No data.
CWE