Schweitzer Engineering Laboratories (SEL) has recently disclosed nine security flaws in their electric power management products [1]. These vulnerabilities, discovered by Nozomi Networks [2], have severity scores ranging from 4.8 to 8.8 according to the Common Vulnerability Scoring System (CVSS). This article provides a detailed description of these vulnerabilities and their potential risks to power infrastructure security.

Description

SEL has identified four high-severity and five medium-severity vulnerabilities in its electric power management products. The impacted products include the SEL-5030 acSELerator QuickSet and SEL-5037 Grid Configurator. One critical vulnerability, known as CVE-2023-31171, allows for arbitrary code execution on the engineering workstation running SEL software [1] [2]. Another significant vulnerability enables arbitrary command execution and alteration of a device's configuration [1]. Nozomi Networks has also highlighted the risk posed by the native functionality to clear the terminal history, which attackers could exploit to cover up their activities.

SEL has addressed these vulnerabilities by releasing software updates. Nozomi Networks had previously identified 19 security flaws in SEL products, specifically in SEL computing platforms running the vendor's Realtime Automation Controller (RTAC) suite [1]. These vulnerabilities pose risks to power infrastructure security, as they allow attackers to tamper with device functionality, manipulate information displayed to operators, and gain access to other systems using the same credentials [2].

Conclusion

The security flaws discovered in SEL’s electric power management products have significant implications for power infrastructure security. The potential for arbitrary code execution, alteration of device configurations, and manipulation of operator information poses serious risks. SEL’s software updates are a step towards mitigating these vulnerabilities, but ongoing vigilance and proactive measures are necessary to ensure the security of power systems. The collaboration between the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and MITRE to develop an extension for the Caldera cyber attack emulation platform demonstrates the recognition of the importance of addressing security concerns in operational technology networks.

References

[1] https://vulnera.com/newswire/sel-power-system-management-products-receive-nine-patches-for-multiple-vulnerabilities/
[2] https://cybermaterial.com/nine-high-severity-flaws-in-sel-products/