CVE-2023-31169

Published: Aug 31, 2023Modified: Nov 21, 2024

5.7

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

Exploitability: 2.1 / Impact: 3.6

Source: NVD

Description

An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0.

Affected (1)

Products: Selinc: Sel 5030 Acselerator Quickset

1 product

Sel 5030 Acselerator Quickset

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Selinc Sel 5030 Acselerator Quickset	Up to 7.1.3.0

Related CWEs

Improper Handling of Unicode Encoding

The product does not properly handle when an input contains Unicode encoding.

Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

References (4)

https://selinc.com/support/security-notifications/external-reports/

Source: security@selinc.com

Vendor Advisory

https://www.nozominetworks.com/blog/

Source: security@selinc.com

Third Party Advisory

https://selinc.com/support/security-notifications/external-reports/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.nozominetworks.com/blog/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.