CVE-2018-10600

CRITICAL

SEL AcSELerator Architect <2.2.24.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of service attacks.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-191-02

Scores

CVSS v3 9.8
EPSS 0.0247
EPSS Percentile 82.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-611
Status published
Products (1)
selinc/acselerator_architect < 2.2.24.0
Published Jul 24, 2018
Tracked Since Feb 18, 2026