SUBNET PowerSYSTEM Center Authentication Bypass by Capture-replay
CVE-2023-29158

6.1MEDIUM

Key Information:

Vendor: Subnet Solutions Inc.
Status: Powersystem Center
Vendor: CVE Published:; 19 June 2023

🔔 Create Subnet Solutions Inc. Vulnerability Alert

What is CVE-2023-29158?

SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity.

Affected Version(s)

PowerSYSTEM Center 0 <= 2020 U10

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-1...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2023
Vulnerability Reserved
May 25, 2023

Credit

SUBNET Solutions reported these vulnerabilities to CISA.

CVE-2023-29158 Data

JSON