Subnet Solutions PowerSYSTEM Center Improper Authorization Vulnerability in REST API Endpoint for Devices

Vulnerability

An improper authorization vulnerability has been identified in the PowerSYSTEM Center REST API endpoint for devices. This vulnerability allows a low-privilege authenticated user to access information that is typically restricted by operational permissions. The affected versions include PowerSYSTEM Center 2020 through 5.28.x, PowerSYSTEM Center 2024 between 6.0.x and 6.1.x, and PowerSYSTEM Center 2026 7.0.x.

Impact

Exploitation of this vulnerability could enable an authenticated attacker to access sensitive information or introduce a CRLF injection.

Remediation

Users are advised to update to the latest version of PowerSYSTEM Center: PSC 2020 Update 29, PSC 2024 Update 2, and PSC 2026 GA Hotfix. For assistance in upgrading, contact a Subnet Solutions System Integration team member or customer support at (403) 270-8885 or support@subnet.com.

Added: May 12, 2026, 10:37 PM
Updated: May 12, 2026, 10:37 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 3.3
remediation: 8.3
relevance: 8.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.