All the vulnerabilites related to SUBNET Solutions Inc. - PowerSYSTEM Center
cve-2023-6631
Vulnerability from cvelistv5
Published
2024-01-08 19:04
Modified
2024-08-02 08:35
Severity ?
EPSS score ?
Summary
Subnet Solutions Inc. PowerSYSTEM Center Unquoted Search Path or Element
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Subnet Solutions Inc. | PowerSYSTEM Center |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:35:14.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://subnet.com/contact/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center",
"vendor": "Subnet Solutions Inc.",
"versions": [
{
"lessThanOrEqual": "5.16.x",
"status": "affected",
"version": "2020 v5.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Kelly Stich of Subnet Solutions Inc. reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ePowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-08T19:30:18.891Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-01"
},
{
"url": "https://subnet.com/contact/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSubnet Solutions recommends users upgrade to PowerSYSTEM Center versions 2020 Update 17 or later. To obtain this software, contact Subnet Solution\u0027s \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://subnet.com/contact/\"\u003eCustomer Service\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nSubnet Solutions recommends users upgrade to PowerSYSTEM Center versions 2020 Update 17 or later. To obtain this software, contact Subnet Solution\u0027s Customer Service https://subnet.com/contact/ .\n\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Subnet Solutions Inc. PowerSYSTEM Center Unquoted Search Path or Element",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAdditionally, Subnet Solutions recommends users apply Application Allowlisting on PowerSYSTEM Center Device Communication Server (DCS) hosts to ensure only trusted executables are able to be run.\u003c/p\u003e\u003cp\u003eIf unable to apply PowerSYSTEM Center 2020 Update 17, Subnet Solutions recommends users mitigate risk by logging in to the DCS as administrator, opening the Registry Editor, navigating to HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services, locating all pscagent.* entries, and modifying the ImagePath key by enclosing it within double quotes (\"). Restart computer when complete.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nAdditionally, Subnet Solutions recommends users apply Application Allowlisting on PowerSYSTEM Center Device Communication Server (DCS) hosts to ensure only trusted executables are able to be run.\n\nIf unable to apply PowerSYSTEM Center 2020 Update 17, Subnet Solutions recommends users mitigate risk by logging in to the DCS as administrator, opening the Registry Editor, navigating to HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services, locating all pscagent.* entries, and modifying the ImagePath key by enclosing it within double quotes (\"). Restart computer when complete.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "VINCE 2.1.9",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-6631"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-6631",
"datePublished": "2024-01-08T19:04:41.988Z",
"dateReserved": "2023-12-08T17:28:43.750Z",
"dateUpdated": "2024-08-02T08:35:14.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32659
Vulnerability from cvelistv5
Published
2023-06-19 20:18
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
SUBNET PowerSYSTEM Center Cross-site Scripting
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| SUBNET Solutions Inc. | PowerSYSTEM Center |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center",
"vendor": "SUBNET Solutions Inc.",
"versions": [
{
"lessThanOrEqual": "2020 U10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "SUBNET Solutions reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eSUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications.\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "\nSUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications.\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-19T20:18:36.913Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eSUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nSUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).\n\n\n\n\n\n\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "SUBNET PowerSYSTEM Center Cross-site Scripting",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eSUBNET Solutions recommends users to follow the following workarounds:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUsers should verify that SVG files do not contain HTML elements or scripts and validate that JPG and PNG files are not SVG files.\u003c/li\u003e\u003cli\u003eUsers should verify network security rules to ensure that outbound connections to the internet are not possible.\u003c/li\u003e\u003cli\u003eIf the above cannot be performed or notifications are not required, disable email notifications for reports from PowerSYSTEM Center.\u003c/li\u003e\u003cli\u003eMonitor user activity and ensure application control rules only allow preauthorized executables to run.\u003c/li\u003e\u003cli\u003eDeny users to run other executables on client access servers (PowerSYSTEM Center front end access point).\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nSUBNET Solutions recommends users to follow the following workarounds:\n\n * Users should verify that SVG files do not contain HTML elements or scripts and validate that JPG and PNG files are not SVG files.\n * Users should verify network security rules to ensure that outbound connections to the internet are not possible.\n * If the above cannot be performed or notifications are not required, disable email notifications for reports from PowerSYSTEM Center.\n * Monitor user activity and ensure application control rules only allow preauthorized executables to run.\n * Deny users to run other executables on client access servers (PowerSYSTEM Center front end access point).\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-32659",
"datePublished": "2023-06-19T20:18:36.913Z",
"dateReserved": "2023-05-25T16:04:56.572Z",
"dateUpdated": "2024-08-02T15:25:36.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29158
Vulnerability from cvelistv5
Published
2023-06-19 20:11
Modified
2024-08-02 14:00
Severity ?
EPSS score ?
Summary
SUBNET PowerSYSTEM Center Authentication Bypass by Capture-replay
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| SUBNET Solutions Inc. | PowerSYSTEM Center |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerSYSTEM Center",
"vendor": "SUBNET Solutions Inc.",
"versions": [
{
"lessThanOrEqual": "2020 U10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "SUBNET Solutions reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-06-15T20:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity.\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "\n\n\nSUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity.\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "CWE-294 Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-19T20:11:05.873Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eSUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "\nSUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).\n\n\n\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "SUBNET PowerSYSTEM Center Authentication Bypass by Capture-replay",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eSUBNET Solutions recommends users to follow the following workarounds:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUsers should verify that SVG files do not contain HTML elements or scripts and validate that JPG and PNG files are not SVG files.\u003c/li\u003e\u003cli\u003eUsers should verify network security rules to ensure that outbound connections to the internet are not possible.\u003c/li\u003e\u003cli\u003eIf the above cannot be performed or notifications are not required, disable email notifications for reports from PowerSYSTEM Center.\u003c/li\u003e\u003cli\u003eMonitor user activity and ensure application control rules only allow preauthorized executables to run.\u003c/li\u003e\u003cli\u003eDeny users to run other executables on client access servers (PowerSYSTEM Center front end access point).\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nSUBNET Solutions recommends users to follow the following workarounds:\n\n * Users should verify that SVG files do not contain HTML elements or scripts and validate that JPG and PNG files are not SVG files.\n * Users should verify network security rules to ensure that outbound connections to the internet are not possible.\n * If the above cannot be performed or notifications are not required, disable email notifications for reports from PowerSYSTEM Center.\n * Monitor user activity and ensure application control rules only allow preauthorized executables to run.\n * Deny users to run other executables on client access servers (PowerSYSTEM Center front end access point).\n\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-29158",
"datePublished": "2023-06-19T20:11:05.873Z",
"dateReserved": "2023-05-25T16:04:56.578Z",
"dateUpdated": "2024-08-02T14:00:15.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}