CISA 2026-05-12

Subnet Solutions PowerSYSTEM Center

Machine-generated analysis · WAYSCloud LLM

Multiple CVEs affect different versions of PowerSYSTEM Center, with the 2020, 2024, and 2026 product lines all impacted. The vendor specifies distinct update versions for each affected product line.

Context

Subnet Solutions PowerSYSTEM Center is a software product used in critical manufacturing and energy sectors. The advisory states authenticated attackers could expose sensitive information or perform CRLF injection. The vendor provides specific version updates for each product line rather than a single patch.

Operator considerations

Check: Inventory PowerSYSTEM Center installations and their exact version numbers.
Patch: Update to PSC 2020 Update 29, PSC 2024 Update 2, or PSC 2026 GA Hotfix as appropriate.
Log: Monitor authentication and export activities on PowerSYSTEM Center endpoints.

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of these vulnerabilities could allow an authenticated attacker to expose sensitive information or cause a CRLF injection.

The following versions of Subnet Solutions PowerSYSTEM Center are affected:

PowerSYSTEM Center 2020 =5.8.x|=5.11.x|=6.0.x|=5.8.x|=6.0.x|

Read the full advisory on CISA →