CVE-2023-34390
Improper input validation could lead to denial of service
In short
A flaw in how the Schweitzer Engineering Laboratories SEL-451 device checks user inputs allows an authenticated attacker to crash the system or disable its services. This can interrupt critical power system operations.
Technical detail
CWE-20 input validation flaw in SEL-451 permits an authenticated remote attacker to send malformed input that triggers a denial of service condition, disabling system services or causing system unavailability. Exploitation requires prior authentication credentials.
Summary generated and translated by AI from the official description.
An input validation vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to create a denial of service against the system and locking out services.
See product Instruction Manual Appendix A dated 20230830 for more details.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Affected products
Schweitzer Engineering Laboratories · SEL-451Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →