CVE-2023-31151 : An Improper Certificate Validation vulnerability in the Schweitzer Engineering

An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) attack. See SEL Service Bulletin dated 2022-11-15 for more details.

Published 2023-05-10 20:15:10

Updated 2023-05-17 18:02:45

Source Schweitzer Engineering Laboratories, Inc.

View at NVD, CVE.org

Products affected by CVE-2023-31151

Selinc » Sel-2241 Rtac Module Firmware
Versions from including (>=) r147-v0 and before (<) r150-v2
cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Selinc » Sel-2241 Rtac Module » Version: N/A
Selinc » Sel-3350 Firmware
Versions from including (>=) r148-v0 and before (<) r150-v2
cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Selinc » Sel-3350 » Version: N/A
Selinc » Sel-3505 Firmware
Versions from including (>=) r147-v0 and before (<) r150-v2
cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Selinc » Sel-3505 » Version: N/A
Selinc » Sel-3505-3 Firmware
Versions from including (>=) r147-v0 and before (<) r150-v2
cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Selinc » Sel-3505-3 » Version: N/A
Selinc » Sel-3530 Firmware
Versions from including (>=) r147-v0 and before (<) r150-v2
cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Selinc » Sel-3530 » Version: N/A
Selinc » Sel-3530-4 Firmware
Versions from including (>=) r147-v0 and before (<) r150-v2
cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Selinc » Sel-3530-4 » Version: N/A
Selinc » Sel-3532 Firmware
Versions from including (>=) r147-v0 and before (<) r150-v2
cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Selinc » Sel-3532 » Version: N/A
Selinc » Sel-3555 Firmware
Versions from including (>=) r147-v0 and before (<) r150-v2
cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Selinc » Sel-3555 » Version: N/A
Selinc » Sel-3560e Firmware
Versions from including (>=) r147-v0 and before (<) r150-v2
cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Selinc » Sel-3560e » Version: N/A
Selinc » Sel-3560s Firmware
Versions from including (>=) r147-v0 and before (<) r150-v2
cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Selinc » Sel-3560s » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2023-31151

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 29 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-31151

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.2	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N	1.6	2.5	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: Low Integrity: Low Availability: None
4.7	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N	1.6	2.7	Schweitzer Engineering Laboratories, Inc.
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None

CWE ids for CVE-2023-31151

CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.
Assigned by:
- nvd@nist.gov (Primary)
- security@selinc.com (Secondary)

References for CVE-2023-31151

https://www.nozominetworks.com/blog/

OT & IoT Security Blog – Nozomi Networks
Third Party Advisory

CVEs referencing this url
https://selinc.com/support/security-notifications/external-reports/

Security Notifications - Issues Reported by External Organization or Individuals
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-31151

Products affected by CVE-2023-31151

Exploit prediction scoring system (EPSS) score for CVE-2023-31151

CVSS scores for CVE-2023-31151

CWE ids for CVE-2023-31151

References for CVE-2023-31151