CVE-2023-31167 Information

Description

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Schweitzer Engineering Laboratories SEL-5036 acSELerator Bay Screen Builder Software on Windows allows Relative Path Traversal.

SEL acSELerator Bay Screen Builder software is distributed by SEL-5033 SEL acSELerator RTAC SEL-5030 Quickset and SEL Compass. CVE-2023-31167 and was patched in the acSELerator Bay Screen Builder release available on 20230602. Please contact SEL for additional details.

This issue affects SEL-5036 acSELerator Bay Screen Builder Software: before 1.0.49152.778.

Reference

https://dragos.com https://selinc.com/support/security-notifications/external-reports/