Denial-of-Service Vulnerability in PowerSYSTEM Center by Subnet Solutions
CVE-2025-31935

6.9MEDIUM

Key Information:

Vendor: Subnet Solutions
Status: Powersystem Center 2020
Vendor: CVE Published:; 11 April 2025

🔔 Create Subnet Solutions Vulnerability Alert

What is CVE-2025-31935?

PowerSYSTEM Center from Subnet Solutions is subject to a vulnerability that arises from the improper handling of exceptional conditions. When maliciously crafted data is sent to the API, it can provoke an unexpected exception. This behavior may lead to a denial-of-service condition, disrupting the normal functioning of the software and potentially impacting users who rely on its operational integrity.

Affected Version(s)

PowerSYSTEM Center 2020 0 <= 5.24.x

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-1...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 11, 2025
Vulnerability Reserved
Apr 8, 2025

Credit

Subnet Solutions Inc. reported this vulnerability to CISA.

CVE-2025-31935 Data

JSON