Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2023-31149 | An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. | 9.1 | 1.09% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31148 | An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. | 9.1 | 1.09% | 2023-05-10 | 2026-06-17 |
| CVE-2025-48017 | Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files | 9.0 | 0.39% | 2025-05-20 | 2026-06-17 |
| CVE-2023-31175 | An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. | 8.8 | 0.42% | 2023-08-31 | 2026-06-17 |
| CVE-2023-34392 | A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. | 8.2 | 0.45% | 2023-08-31 | 2026-06-17 |
| CVE-2025-46739 | An unauthenticated user could discover account credentials via a brute-force attack without rate limiting | 8.1 | 0.33% | 2025-05-12 | 2026-06-17 |
| CVE-2023-31150 | A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details. | 8.0 | 0.47% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31173 | Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator on Windows allows Authentication Bypass. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. | 7.7 | 0.20% | 2023-08-31 | 2026-06-17 |
| CVE-2025-48018 | An authenticated user can modify application state data. | 7.5 | 0.13% | 2025-05-20 | 2026-06-17 |
| CVE-2025-48014 | Password guessing limits could be bypassed when using LDAP authentication. | 7.5 | 0.36% | 2025-05-20 | 2026-06-17 |
| CVE-2025-46740 | An authenticated user without user administrative permissions could change the administrator Account Name. | 7.5 | 0.27% | 2025-05-12 | 2026-06-17 |
| CVE-2023-31176 | An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details. | 7.5 | 0.93% | 2023-11-30 | 2026-06-17 |
| CVE-2025-46737 | SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources. | 7.4 | 0.08% | 2025-05-12 | 2026-06-17 |
| CVE-2023-34391 | Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software on Windows allows Leveraging/Manipulating Configuration File Search Paths. See Instruction Manual Appendix A [Cybersecurity] tag dated 20230522 for more details. This issue affects SEL-5033 AcSELerator RTAC Software: before 1.35.151.21000. | 7.4 | 0.13% | 2023-08-31 | 2026-06-17 |
| CVE-2023-31174 | A Cross-Site Request Forgery (CSRF) vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. | 7.4 | 0.20% | 2023-08-31 | 2026-06-17 |
| CVE-2023-2310 | A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC) could allow a remote attacker to perform a man-in-the-middle (MiTM) that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction manual date code 20210915 for more details. | 6.8 | 0.50% | 2023-05-10 | 2026-06-17 |
| CVE-2025-46738 | An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. | 6.6 | 0.15% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46745 | An authenticated user without user-management permissions could view other users account information. | 6.5 | 0.26% | 2025-05-12 | 2026-06-17 |
| CVE-2024-2103 | Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay . See product instruction manual appendix A dated 202403 | 6.5 | 0.46% | 2024-04-04 | 2026-06-17 |
| CVE-2023-34388 | An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details. | 6.5 | 0.91% | 2023-11-30 | 2026-06-17 |