Authentication Bypass Vulnerability in PowerSys before V3.11
Plan Patch · 9.3 · SSA-024584 · Jun 11, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
PowerSys before V3.11 contains an authentication bypass vulnerability (CWE-287) that allows a local attacker to gain administrative privileges for all devices managed through PowerSys without providing valid credentials. An attacker with local workstation access could exploit this flaw to obtain unauthorized administrative access to remotely managed devices.
What this means
What could happen
An attacker with local access to a PowerSys workstation could bypass authentication and gain administrative control of remote managed devices, allowing them to alter configurations, shut down systems, or disrupt energy operations.
Who's at risk
Energy sector organizations using PowerSys for remote device management, including electric utilities and power generation facilities that rely on PowerSys to manage substations, control systems, and networked power equipment.
How it could be exploited
An attacker with physical or local network access to a PowerSys workstation exploits the authentication bypass to gain administrative privileges without valid credentials. Once authenticated as an administrator, the attacker can manage and control all devices that PowerSys manages remotely.
Prerequisites
- Local access to a PowerSys workstation or local network access
- PowerSys version prior to V3.11 must be running
local access required · no authentication needed for exploitation · low complexity attack · affects remote management of critical infrastructure
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
| Product | Affected Versions | Fix Status |
|---|---|---|
| PowerSys | <V3.11 | 3.11 |
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update PowerSys to version V3.11 or later
CVEs (1)
API:
/api/v1/advisories/06cbb95a-daa8-4f9b-9973-5c506575c975