CVE-2023-29158

SUBNET PowerSYSTEM Center Authentication Bypass by Capture-replay

Description

SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity.

Remediation

Solution:

  • SUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).

Workaround:

  • SUBNET Solutions recommends users to follow the following workarounds: * Users should verify that SVG files do not contain HTML elements or scripts and validate that JPG and PNG files are not SVG files. * Users should verify network security rules to ensure that outbound connections to the internet are not possible. * If the above cannot be performed or notifications are not required, disable email notifications for reports from PowerSYSTEM Center. * Monitor user activity and ensure application control rules only allow preauthorized executables to run. * Deny users to run other executables on client access servers (PowerSYSTEM Center front end access point).

Category

6.1
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Third-Party Advisory cisa.gov
Affected: SUBNET Solutions Inc. PowerSYSTEM Center
Published at:
Updated at:

References

Link Tags
https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01 third party advisory us government resource

Frequently Asked Questions

What is the severity of CVE-2023-29158?
CVE-2023-29158 has been scored as a medium severity vulnerability.
How to fix CVE-2023-29158?
To fix CVE-2023-29158: SUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).
Is CVE-2023-29158 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-29158 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-29158?
CVE-2023-29158 affects SUBNET Solutions Inc. PowerSYSTEM Center.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.