Vulnerabilities > Subnet

DATE CVE VULNERABILITY TITLE RISK
2024-01-08 CVE-2023-6631 Unquoted Search Path or Element vulnerability in Subnet Powersystem Center 2020
PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.
local
low complexity
subnet CWE-428
7.8
2023-06-19 CVE-2023-29158 Authentication Bypass by Capture-replay vulnerability in Subnet Powersystem Center 2020
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity.
network
low complexity
subnet CWE-294
critical
9.1
2023-06-19 CVE-2023-32659 Cross-site Scripting vulnerability in Subnet Powersystem Center 2020
SUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications.
network
low complexity
subnet CWE-79
6.1
2014-08-11 CVE-2014-2357 Buffer Errors vulnerability in Subnet Substation Server 2.7.0033/2.8.0106
The GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2 before SSNET 2.12 HF18808 allows remote attackers to cause a denial of service (persistent service crash) via a long RTU-to-Master message.
network
subnet CWE-119
7.1
2013-09-17 CVE-2013-2788 Improper Input Validation vulnerability in Subnet Substation Server 2.7.0033/2.8.0106
The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 and 2.8.0106 allows remote attackers to cause a denial of service (unhandled exception and process crash) via unspecified vectors.
network
subnet CWE-20
4.3