CVE-2023-2264

Summary

An improper input validation vulnerability in the Schweitzer Engineering Laboratories SEL-411L could allow a malicious actor to manipulate authorized users to click on a link that could allow undesired behavior.

See product Instruction Manual Appendix A dated 20230830 for more details.

Affected Software

VendorProductVersion RangeStatus
Schweitzer Engineering LaboratoriesSEL-411LR118-V0 < R118-V4affected
Schweitzer Engineering LaboratoriesSEL-411LR119-V0 < R119-V5affected
Schweitzer Engineering LaboratoriesSEL-411LR120-V0 < R120-V6affected
Schweitzer Engineering LaboratoriesSEL-411LR121-V0 < R121-V3affected
Schweitzer Engineering LaboratoriesSEL-411LR122-V0 < R122-V3affected
Schweitzer Engineering LaboratoriesSEL-411LR123-V0 < R123-V3affected
Schweitzer Engineering LaboratoriesSEL-411LR124-V0 < R124-V3affected
Schweitzer Engineering LaboratoriesSEL-411LR125-V0 < R125-V3affected
Schweitzer Engineering LaboratoriesSEL-411LR126-V0 < R126-V4affected
Schweitzer Engineering LaboratoriesSEL-411LR127-V0 < R127-V2affected
Schweitzer Engineering LaboratoriesSEL-411LR128-V0 < R128-V1affected
Schweitzer Engineering LaboratoriesSEL-411LR129-V0 < R129-V1affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References