VYPR
Vendor

Schweitzer Engineering Laboratories, Inc.

Products
26
CVEs
51
Across products
136
Status
Private

Products

26

Recent CVEs

51
View all 51 CVEs →
  • CVE-2018-10600CriJul 24, 2018
    risk 0.64cvss 9.8epss 0.02

    SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of service attacks.

  • CVE-2018-10604HigJul 24, 2018
    risk 0.57cvss 8.8epss 0.02

    SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execution.

  • CVE-2018-10608HigJul 24, 2018
    risk 0.52cvss 7.5epss 0.08

    SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited when the AcSELerator Architect FTP client connects to a malicious FTP server, which may cause denial of service via 100% CPU utilization. Restart of the application is required.

  • CVE-2025-46737HigMay 12, 2025
    risk 0.48cvss 7.4epss 0.00

    SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources.

  • CVE-2025-46738MedMay 12, 2025
    risk 0.43cvss 6.6epss 0.00

    An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code.

  • CVE-2024-2103MedApr 4, 2024
    risk 0.42cvss 6.5epss 0.00

    Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection…

  • CVE-2025-46741MedMay 12, 2025
    risk 0.37cvss 5.7epss 0.00

    A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred.

  • CVE-2025-46750MedMay 12, 2025
    risk 0.29cvss 4.4epss 0.00

    SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set.

  • CVE-2023-2267Nov 30, 2023
    risk 0.00cvss epss 0.00

    An Improper Input Validation vulnerability in Schweitzer Engineering Laboratories SEL-411L could allow an attacker to perform reflection attacks against an authorized and authenticated user. See product Instruction Manual Appendix A dated 20230830 for more details.

  • CVE-2023-2266Nov 30, 2023
    risk 0.00cvss epss 0.00

    An Improper neutralization of input during web page generation in the Schweitzer Engineering Laboratories SEL-411L could allow an attacker to generate cross-site scripting based attacks against an authorized and authenticated user. See product Instruction Manual Appendix A…

  • CVE-2023-2265Nov 30, 2023
    risk 0.00cvss epss 0.00

    An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering Laboratories SEL-411L could allow an unauthenticated attacker to perform clickjacking based attacks against an authenticated and authorized user. See product Instruction Manual Appendix A…

  • CVE-2023-2264Nov 30, 2023
    risk 0.00cvss epss 0.00

    An improper input validation vulnerability in the Schweitzer Engineering Laboratories SEL-411L could allow a malicious actor to manipulate authorized users to click on a link that could allow undesired behavior. See product Instruction Manual Appendix A dated 20230830 for…

  • CVE-2023-34390Nov 30, 2023
    risk 0.00cvss epss 0.01

    An input validation vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to create a denial of service against the system and locking out services. See product Instruction Manual Appendix A dated 20230830 for more…

  • CVE-2023-34389Nov 30, 2023
    risk 0.00cvss epss 0.01

    An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time. See product Instruction Manual Appendix A…

  • CVE-2023-34388Nov 30, 2023
    risk 0.00cvss epss 0.01

    An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for…

  • CVE-2023-31177Nov 30, 2023
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation  ('Cross-site Scripting') in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix…

  • CVE-2023-31176Nov 30, 2023
    risk 0.00cvss epss 0.01

    An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication.  See product Instruction Manual Appendix A dated 20230830 for more details.

  • CVE-2023-34392Aug 31, 2023
    risk 0.00cvss epss 0.00

    A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A…

  • CVE-2023-34391Aug 31, 2023
    risk 0.00cvss epss 0.00

    Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software on Windows allows Leveraging/Manipulating Configuration File Search Paths. See Instruction Manual Appendix A [Cybersecurity] tag dated 20230522 for more…

  • CVE-2023-31175Aug 31, 2023
    risk 0.00cvss epss 0.00

    An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system. See Instruction Manual Appendix A and Appendix E…