Skip to main content

Sel 3532 Firmware

20 CVEs product

Monthly

CVE-2023-31166 MEDIUM This Month

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-31165 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31164 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31163 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31162 MEDIUM This Month

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-31161 HIGH This Week

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sel 3350 Firmware Sel 3532 Firmware Sel 3555 Firmware Sel 3560E Firmware +1
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-31160 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31159 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31158 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31157 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31156 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31155 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31154 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31153 MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31152 HIGH This Week

An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-31151 MEDIUM This Month

An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2023-31150 MEDIUM This Month

A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-31149 HIGH This Week

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-31148 HIGH This Week

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-2310 MEDIUM This Month

A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC) could allow a remote attacker to perform a man-in-the-middle. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Sel 2241 Rtac Module Firmware Sel 3350 Firmware Sel 3505 Firmware Sel 3505 3 Firmware +6
NVD
CVSS 3.1
5.3
EPSS
0.5%
EPSS 1% CVSS 4.3
MEDIUM This Month

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sel 3350 Firmware Sel 3532 Firmware +3
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 4.2
MEDIUM This Month

An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC) could allow a remote attacker to perform a man-in-the-middle. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Sel 2241 Rtac Module Firmware Sel 3350 Firmware +8
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy