Lucene search

[email protected]CVE-2023-2310

HistoryMay 10, 2023 - 8:15 p.m.

CVE-2023-2310

2023-05-1020:15:09

CWE-300

[email protected]

web.nvd.nist.gov

cve-2023-2310

channel accessible

non-endpoint

rtac

schweitzer engineering laboratories

mitm

denial of service

nvd

acselerator rtac sel-5033 software

cve

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.6%

JSON

A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC) could allow a remote attacker to perform a man-in-the-middle (MiTM) that could result in denial of service.

See the ACSELERATOR RTAC SEL-5033 Software instruction manual date code 20210915 for more details.

Affected configurations

NVD

Node

selincsel-2241_rtac_moduleMatch-

AND

selincsel-2241_rtac_module_firmwareRanger113-v0–r150-v2

Node

selincsel-3350Match-

AND

selincsel-3350_firmwareRanger148-v0–r150-v2

Node

selincsel-3505Match-

AND

selincsel-3505_firmwareRanger119-v0–r150-v2

Node

selincsel-3505-3Match-

AND

selincsel-3505-3_firmwareRanger132-v0–r150-v2

Node

selincsel-3530Match-

AND

selincsel-3530_firmwareRanger100-v0–r150-v2

Node

selincsel-3530-4Match-

AND

selincsel-3530-4_firmwareRanger108-v0–r150-v2

Node

selincsel-3532Match-

AND

selincsel-3532_firmwareRanger132-v0–r150-v2

Node

selincsel-3555_firmwareRanger134-v0–r150-v2

AND

selincsel-3555Match-

Node

selincsel-3560e_firmwareRanger144-v2–r150-v2

AND

selincsel-3560eMatch-

Node

selincsel-3560s_firmwareRanger144-v2–r150-v2

AND

selincsel-3560sMatch-

CPENameOperatorVersion
selinc:sel-2241_rtac_module_firmwareselinc sel-2241 rtac module firmwareltr150-v2

CPE	Name	Operator	Version
selinc:sel-2241_rtac_module_firmware	selinc sel-2241 rtac module firmware	lt	r150-v2

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "SEL-3505",
    "vendor": "Schweitzer Engineering Laboratories",
    "versions": [
      {
        "lessThan": "R150-V2",
        "status": "affected",
        "version": "R119-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R149-V4",
        "status": "affected",
        "version": "R119-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R148-V7",
        "status": "affected",
        "version": "R119-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R147-V6",
        "status": "affected",
        "version": "R119-V0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "SEL-3505-3",
    "vendor": "Schweitzer Engineering Laboratories, Inc.",
    "versions": [
      {
        "lessThan": "R150-V2",
        "status": "affected",
        "version": "R132-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R149-V4",
        "status": "affected",
        "version": "R132-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R148-V7",
        "status": "affected",
        "version": "R132-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R147-V6",
        "status": "affected",
        "version": "R132-V0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "SEL-3530",
    "vendor": "Schweitzer Engineering Laboratories",
    "versions": [
      {
        "lessThan": "R150-V2",
        "status": "affected",
        "version": "R100-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R149-V4",
        "status": "affected",
        "version": "R100-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R148-V7",
        "status": "affected",
        "version": "R100-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R147-V6",
        "status": "affected",
        "version": "R100-V0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "SEL-3530-4",
    "vendor": "Schweitzer Engineering Laboratories, Inc.",
    "versions": [
      {
        "lessThan": "R150-V2",
        "status": "affected",
        "version": "R108-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R149-V4",
        "status": "affected",
        "version": "R108-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R148-V7",
        "status": "affected",
        "version": "R108-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R147-V6",
        "status": "affected",
        "version": "R108-V0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "SEL-3532",
    "vendor": "Schweitzer Engineering Laboratories, Inc.",
    "versions": [
      {
        "lessThan": "R150-V2",
        "status": "affected",
        "version": "R132-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R149-V4",
        "status": "affected",
        "version": "R132-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R148-V7",
        "status": "affected",
        "version": "R132-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R147-V6",
        "status": "affected",
        "version": "R132-V0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "SEL-3555",
    "vendor": "Schweitzer Engineering Laboratories, Inc.",
    "versions": [
      {
        "lessThan": "R150-V2",
        "status": "affected",
        "version": "R134-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R149-V4",
        "status": "affected",
        "version": "R134-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R148-V7",
        "status": "affected",
        "version": "R134-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R147-V6",
        "status": "affected",
        "version": "R134-V0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "SEL-3560S",
    "vendor": "Schweitzer Engineering Laboratories, Inc.",
    "versions": [
      {
        "lessThan": "R150-V2",
        "status": "affected",
        "version": "R144-V2",
        "versionType": "custom"
      },
      {
        "lessThan": "R149-V4",
        "status": "affected",
        "version": "R144-V2",
        "versionType": "custom"
      },
      {
        "lessThan": "R148-V7",
        "status": "affected",
        "version": "R144-V2",
        "versionType": "custom"
      },
      {
        "lessThan": "R147-V6",
        "status": "affected",
        "version": "R144-V2",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "SEL-3560E",
    "vendor": "Schweitzer Engineering Laboratories, Inc.",
    "versions": [
      {
        "lessThan": "R150-V2",
        "status": "affected",
        "version": "R144-V2",
        "versionType": "custom"
      },
      {
        "lessThan": "R149-V4",
        "status": "affected",
        "version": "R144-V2",
        "versionType": "custom"
      },
      {
        "lessThan": "R148-V7",
        "status": "affected",
        "version": "R144-V2",
        "versionType": "custom"
      },
      {
        "lessThan": "R147-V6",
        "status": "affected",
        "version": "R144-V2",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "SEL-2241 RTAC module",
    "vendor": "Schweitzer Engineering Laboratories, Inc.",
    "versions": [
      {
        "lessThan": "R150-V2",
        "status": "affected",
        "version": "R113-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R149-V4",
        "status": "affected",
        "version": "R113-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R148-V7",
        "status": "affected",
        "version": "R113-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R147-V6",
        "status": "affected",
        "version": "R113-V0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "SEL-3350",
    "vendor": "Schweitzer Engineering Laboratories, Inc.",
    "versions": [
      {
        "lessThan": "R150-V2",
        "status": "affected",
        "version": "R148-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R149-V4",
        "status": "affected",
        "version": "R148-V0",
        "versionType": "custom"
      },
      {
        "lessThan": "R148-V7",
        "status": "affected",
        "version": "R148-V0",
        "versionType": "custom"
      }
    ]
  }
]

References

selinc.com/support/security-notifications/external-reports/

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.6%

JSON

Related for CVE-2023-2310

nvd1 nessus1 prion1 cvelist1