CVE-2023-34391 HIGH

CVE-2023-34391: Insecure Inherited Permissions

Vendor Schweitzer Engineering Laboratories
Product SEL-5033 AcSELerator RTAC Software
Weakness CWE-277
Published August 31, 2023
Last update October 1, 2024

CVSS base score

7.4/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L

What the vulnerability does

01Description

Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software on Windows allows Leveraging/Manipulating Configuration File Search Paths. See Instruction Manual Appendix A [Cybersecurity] tag dated 20230522 for more details. This issue affects SEL-5033 AcSELerator RTAC Software: before 1.35.151.21000.

Key dates

02Disclosure timeline

August 31, 2023 CVE published
October 1, 2024 Record updated