OTPulse
FeedAboutContact

SUBNET PowerSYSTEM Center

Plan Patch8.4ICS-CERT ICSA-24-135-02May 14, 2024
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

Vulnerabilities in outdated libraries used by PowerSYSTEM Center versions Update_19 and earlier could allow privilege escalation, denial-of-service, or arbitrary code execution if an attacker gains local access to the system. These vulnerabilities are not remotely exploitable. Subnet Solutions has fixed these issues by updating libraries in version 5.20.x.x and newer.

What this means
What could happen
An attacker with local access to a PowerSYSTEM Center system could escalate privileges, crash the application, or run arbitrary code on the control center, potentially disrupting energy grid monitoring, operations management, or other critical functions the system supports.
Who's at risk
Energy utilities and grid operators who use Subnet Solutions PowerSYSTEM Center for monitoring and control system management. Any organization relying on this control center platform for real-time grid operations, dispatch, or SCADA management is affected.
How it could be exploited
An attacker must first gain local access to a PowerSYSTEM Center system (e.g., via a compromised workstation, USB-based attack, or physical access). From there, they can exploit vulnerabilities in outdated libraries to escalate privileges or execute arbitrary code with system-level permissions, allowing them to modify or disrupt control center functions.
Prerequisites
  • Local access to PowerSYSTEM Center system (non-remote)
  • Ability to execute code or trigger vulnerable library functions on the affected host
affects control system operationsprivilege escalation possibledenial-of-service possiblearbitrary code execution possiblelocal access required (reduces but does not eliminate risk)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
PowerSYSTEM Center: <=Update_19≤ Update 195.20.x.x or newer
Remediation & Mitigation
0/4
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate PowerSYSTEM Center to version 5.20.x.x or newer
Long-term hardening
0/3
HARDENINGRestrict physical and local network access to PowerSYSTEM Center systems; limit operator and administrative workstations that can directly access the system
HARDENINGIsolate PowerSYSTEM Center network from business networks and the internet using firewalls
HARDENINGImplement jump-box or bastion host access for any remote administration of PowerSYSTEM Center, if remote access is required
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/378129e2-9625-40d7-96b4-17068c54699c