Subnet Solutions PowerSYSTEM Center
Act Now · CVSS 9.8 · ICS-CERT ICSA-24-317-01 · Nov 12, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Subnet Solutions PowerSYSTEM Center PSC 2020 versions v5.22.x and earlier contain integer overflow vulnerabilities (CWE-611, CWE-190) that could allow remote attackers without authentication to execute arbitrary code on the affected device. The vendor reports that these vulnerabilities will be addressed in the PowerSYSTEM Center 2020 Update 23 release.
What this means
What could happen
An integer overflow vulnerability in PowerSYSTEM Center could allow an attacker to execute arbitrary code on the device, potentially causing denial of service or manipulation of energy management operations.
Who's at risk
Energy sector organizations running PowerSYSTEM Center 2020 for power management, SCADA monitoring, or energy distribution control are affected. This impacts facilities that rely on PowerSYSTEM Center for real-time monitoring and automation of electric generation, transmission, or distribution systems.
How it could be exploited
An attacker with network access to PowerSYSTEM Center (default ports likely 80/443 HTTP/HTTPS) could send a crafted request containing specially formatted input that triggers the integer overflow condition. This could lead to memory corruption and code execution on the affected system.
Prerequisites
- Network access to PowerSYSTEM Center TCP ports (likely 80, 443 or application-specific ports)
- No authentication required
- Affected version: v5.22.x or earlier
- remotely exploitable
- no authentication required
- low complexity
- critical severity (CVSS 9.8)
- integer overflow can lead to code execution
Exploitability
Moderate exploit probability (EPSS 1.2%)
Affected products (1)
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| PowerSYSTEM Center PSC 2020: <=v5.22.x | ≤ v5.22.x | Update 23 or later |
Remediation & Mitigation
Do now
- HARDENING: Enable Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) in Windows operating system settings via Windows Security
- WORKAROUND: Apply application allow-listing to prevent unauthorized executables from running on the PowerSYSTEM Center system
Schedule — requires maintenance window
Patching may require device reboot; plan for process interruption
- HOTFIX: Update to PowerSYSTEM Center 2020 Update 23 or later when available from Subnet Solutions
Long-term hardening
- HARDENING: Isolate PowerSYSTEM Center behind firewall and separate from business network
- HARDENING: Ensure PowerSYSTEM Center is not accessible from the internet
- HARDENING: Implement VPN for remote access if needed, keeping VPN software updated