Subnet Solutions PowerSYSTEM Center Improper Authorization Vulnerability in REST API Endpoint

Vulnerability

A vulnerability exists in the PowerSYSTEM Center REST API endpoint for device account export, allowing an authenticated user with limited permissions to access sensitive information typically reserved for administrative roles. This issue affects multiple versions of PowerSYSTEM Center, including 2020, 2024, and 2026.

Impact

Exploitation of this vulnerability could lead to unauthorized exposure of sensitive information or a Carriage Return Line Feed (CRLF) injection.

Remediation

Users are advised to update to the latest version for their release: PowerSYSTEM Center 2020 Update 29, PSC 2024 Update 2, or PSC 2026 GA Hotfix. For assistance in upgrading, contact a Subnet Solutions System Integration team member or customer support at (403) 270-8885 or support@subnet.com.

Added: May 12, 2026, 10:38 PM
Updated: May 12, 2026, 10:38 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 3.3
remediation: 8.3
relevance: 8.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.