Primary

Context

GE Vernova S1 Agile Configuration Software Privilege Escalation Vulnerability

Vulnerability

Patched

A privilege escalation vulnerability has been identified in GE Vernova S1 Agile Configuration Software for MiCOM P40 relays, affecting all versions prior to 3.1.1. This vulnerability allows a malicious user with basic privileges on the workstation to replace a legitimate executable file with a malicious one. Upon restarting the computer, the attacker's code could be executed, potentially granting them administrator privileges on the machine.

Impact

Exploitation of this vulnerability could lead to unauthorized administrator privileges on the affected workstation.

Remediation

Users are advised to upgrade to GE Vernova S1 Agile version 3.1.1, released in January 2025. For additional support, contact the GE Vernova global support team or the GE Product Security Incident Response Team (PSIRT).

Added: Sep 22, 2025, 4:51 PM

Updated: Sep 23, 2025, 12:33 AM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

10.0

exploitability

3.5

remediation

7.9

relevance

0.6

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

10.0

exploitability

3.5

remediation

7.9

relevance

0.6

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GE Vernova S1 Agile Configuration Software Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

GE Vernova S1 Agile

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating