Relay Rumble: Schweitzer Devices’ Hidden Features Expose Energy Sector to Cyber Chaos

Ready for a shocker? Your SEL 700 series relay might come with extra ‘features’ you didn’t ask for! It’s not a bonus track; it’s a vulnerability, folks. Update or risk the cyber boogeyman turning off your lights! #UndocumentedFeaturesDrama

Hot Take:

It looks like Schweitzer Engineering Laboratories is playing hide and seek with features, but the only winner here is unpredictability! Who knew ‘undocumented features’ was code for ‘let’s give hackers a surprise party’? If your idea of a good time is flipping the security switch from ‘meh’ to ‘mayday,’ then this vulnerability is your VIP pass to chaos central. Time to update or face the digital music!

Key Points:

  • SEL 700 series relays are playing host to the unwanted guest, CVE-2024-2103, with a side of ‘undocumented features’.
  • The vulnerability fiesta could let attackers cha-cha-cha their way into modifications or a full-on denial-of-service dance-off.
  • Products affected include a range of relays from Motor Bus Transfers to High-Impedance Differentials, basically, a buffet of critical infrastructure.
  • The CVE-2024-2103 comes with a 5.9 on the ‘Oh No’ CVSS v4 scale, making it an ‘attractive’ target for hackers with privileged access passes.
  • Schweitzer’s RSVP to the security party includes updates for all affected products, while CISA is the chaperone advising on how to avoid risky behaviors.
Title: Inclusion of Undocumented Features
Cve id: CVE-2024-2103
Cve state: PUBLISHED
Cve assigner short name: SEL
Cve date updated: 04/04/2024
Cve description: Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay . See product instruction manual appendix A dated 20240308 for more details regarding the SEL-751 Feeder Protection Relay. For more information for the other affected products, see their instruction manuals dated 20240329.

Need to know more?

The Undocumented Feature Fiasco

In the world of cybersecurity, 'undocumented features' is not an Easter egg you want to find. SEL's 700 series relays have been caught with their digital pants down, sporting a vulnerability that could let attackers do a little impromptu reprogramming or just shut the party down with a denial-of-service attack. The CVSS v4 score of 5.9 is like a Yelp review that says, "Come on in, the water's fine," if you're a hacker with a VIP ticket.

Who's Hit by the Bug?

From motor protection to transformer protection, a whole lineup of SEL relays are standing in the vulnerability conga line. This isn't just a small shindig; it's a worldwide bash with critical infrastructure implications. If you thought your SEL-710-5 Motor Protection Relay was just protecting motors, think again—it might be protecting a hacker's interests instead.

The Anonymous Tipster

Tip of the hat to the anonymous researcher who waved the red flag on this vulnerability. They're like the neighbor who calls the cops on a party that's gotten out of hand. Thanks to them, SEL is now playing DJ, trying to switch tracks with updates to get the vibe back to secure and steady.

Party Favors and Preventive Measures

If you don't fancy a cyber-crash, it's time to update those relays faster than you can say "CVE-2024-2103." And if you're into the cybersecurity equivalent of safe partying, you might want to hide those relays behind a firewall, keep them off the Internet, and maybe cuddle up with a VPN for that secure connection. Just remember, a VPN is only as secure as its latest update dance move.

No RSVP from Hackers... Yet

While no one has seen hackers doing the electric slide into these vulnerabilities yet, CISA is the bouncer reminding everyone to report suspicious activity. They're also handing out the cybersecurity equivalent of glow sticks—tips and best practices for keeping your industrial control systems safe from those who would rather rave than behave. So, update, isolate, and secure, or risk being the main event at the next hacker hoedown.

Tags: CVE-2024-2103, CVSS 5.9, energy sector security, industrial control systems, Schweitzer Engineering Laboratories, SEL vulnerabilities, vulnerability mitigation strategies