Password Change Flaw in SEL Software Products
CVE-2025-46748

2.7LOW

Key Information:

Vendor: Schweitzer Engineering Laboratories
Status: Sel Blueframe Os
Vendor: CVE Published:; 12 May 2025

What is CVE-2025-46748?

An authenticated user can change their password in SEL software without providing the current password, creating a potential security risk. This flaw undermines the expected authentication mechanisms, allowing users to gain unauthorized access to accounts by simply setting a new password without proper verification.

Affected Version(s)

SEL Blueframe OS 0 < 1.10.0

References

https://selinc.com/products/software/latest-software-vers...

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 12, 2025
Vulnerability Reserved
Apr 28, 2025

Schweitzer Engineering Laboratories

What is CVE-2025-46748?

Affected Version(s)

References

CVSS V3.1

Timeline