PowerSYSTEM Server 2021 Vulnerabilities Discovered in Third-Party Components
CVE-2024-3313

8.4HIGH

Key Information:

Vendor: Subnet Solutions
Status: Powersystem Server; Substation Server 2021
Vendor: CVE Published:; 9 April 2024

🔔 Create Subnet Solutions Vulnerability Alert

What is CVE-2024-3313?

SUBNET Solutions Inc. has revealed vulnerabilities associated with third-party components utilized in their products, specifically in PowerSYSTEM Server 2021 and Substation Server 2021. These vulnerabilities could expose systems to various security risks, potentially affecting the integrity and availability of critical infrastructure managed by these servers. It is essential for organizations using these products to evaluate their security posture and apply the necessary updates and mitigations to minimize the impact of potential exploitation.

Affected Version(s)

PowerSYSTEM Server 0 < 4.07.00

Substation Server 2021 0 < 4.07.00

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-1...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 9, 2024
Vulnerability Reserved
Apr 4, 2024

Credit

SUBNET Solutions reported these vulnerabilities to CISA.

CVE-2024-3313 Data

JSON