Primary

Context

Schweitzer Engineering Laboratories Circuit Provisioning and File Import Applications Improper Pathname Limitation Vulnerability

Vulnerability

Patched

A vulnerability exists in the Circuit Provisioning and File Import applications from Schweitzer Engineering Laboratories due to improper limitations on file pathnames. This flaw allows for the unauthorized modification and uploading of files. The issue has been addressed by removing these applications in the latest software update.

Impact

Exploitation of this vulnerability could lead to unauthorized file modifications and uploads, potentially allowing for arbitrary code execution.

Remediation

Users can update to the latest version of the affected software, where this vulnerability has been addressed by removing the Circuit Provisioning and File Import applications. Instructions for updating can be found in the SEL Software Release Notes.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Schweitzer Engineering Laboratories Circuit Provisioning and File Import Applications Improper Pathname Limitation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

SEL-5030

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating