A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details.
The product stores sensitive information without properly limiting read or write access by unauthorized actors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sel-2241_rtac_module_firmware | Selinc | r122-v0 (including) | r150-v2 (excluding) |