CVE-2024-2103

Summary

Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay

. See product instruction manual appendix A dated 20240308 for more details regarding the SEL-751 Feeder Protection Relay. For more information for the other affected products, see their instruction manuals dated 20240329.

Affected Software

VendorProductVersion RangeStatus
Schweitzer Engineering LaboratoriesSEL-700BT Motor Bus Transfer RelayR301-V0 < R301-V6affected
Schweitzer Engineering LaboratoriesSEL-700BT Motor Bus Transfer RelayR302-V0 < R302-V1affected
Schweitzer Engineering LaboratoriesSEL-700G Generator Protection RelayR100-V0 < R301-V6affected
Schweitzer Engineering LaboratoriesSEL-700G Generator Protection RelayR302-V0 < R302-V1affected
SEL-710-5 Motor Protection RelaySEL-710-5 Motor Protection RelayR100-V0 < R302-V1affected
Schweitzer Engineering LaboratoriesSEL-751 Feeder Protection RelayR101-V0 < R302-V3affected
Schweitzer Engineering LaboratoriesSEL-751 Feeder Protection RelayR400-V0 < R400-V2affected
Schweitzer Engineering LaboratoriesSEL-787-2/-3/-4 Transformer Protection RelayR100-V0 < R302-V1affected
Schweitzer Engineering LaboratoriesSEL-787Z High-Impedance Differential RelayR302-V0 < R302-V3affected

Weaknesses

  • CWE-1242: CWE-1242: Inclusion of Undocumented Features

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References