---
title: "Critical Vulnerabilities in Subnet PowerSYSTEM Center Expose Sensitive Data"
short_title: "Subnet PowerSYSTEM Center vulnerabilities expose data"
description: "Subnet Solutions PowerSYSTEM Center flaws allow authenticated attackers to access sensitive data or execute CRLF injection. Patch now to secure energy and manufacturing sectors."
author: "Vitus"
date: 2024-10-02
categories: [Cybersecurity, Vulnerabilities]
tags: [powersystem-center, cve-2026-26289, cve-2026-35504, crlf-injection, ot-security]
score: 0.85
cve_ids: [CVE-2026-26289, CVE-2026-33570, CVE-2026-35555, CVE-2026-35504]
---
## TL;DR
Subnet Solutions PowerSYSTEM Center, a critical operational technology (OT) platform, has been found vulnerable to four high-severity flaws, including CRLF injection and incorrect authorization issues. Exploitation could allow authenticated attackers to access sensitive data, delete project groups, or manipulate email notifications. Affected versions span 2020 to 2026, impacting energy and manufacturing sectors worldwide. Subnet Solutions has released patches and mitigation steps to address these risks.
Main Content
### Introduction
Operational technology (OT) systems are the backbone of critical infrastructure, and their security is paramount to preventing disruptions in sectors like energy and manufacturing. Recently, Subnet Solutions PowerSYSTEM Center, a widely deployed OT management platform, was found to contain multiple vulnerabilities that could expose sensitive information or enable malicious actions. These flaws, if exploited, could compromise the integrity and confidentiality of industrial control systems (ICS).
This article delves into the technical details, impact, and mitigation strategies for these vulnerabilities, providing actionable insights for organizations relying on PowerSYSTEM Center.
### Key Points
- Four critical vulnerabilities (CVE-2026-26289, CVE-2026-33570, CVE-2026-35555, CVE-2026-35504) affect PowerSYSTEM Center versions 2020 to 2026.
- Exploitation risks: Authenticated attackers could access sensitive data, delete project groups, or perform CRLF injection via the email notification service.
- High-severity CVSS scores: The most severe flaw (CVE-2026-26289) has a CVSS score of 8.2, indicating a high risk of exploitation.
- Affected sectors: Energy and critical manufacturing industries, with deployments spanning worldwide.
- Mitigation: Subnet Solutions has released patches and best practices to reduce risk, including monitoring user activity and restricting access to administrative functions.
Technical Details
#### Vulnerability Breakdown
The vulnerabilities in PowerSYSTEM Center stem from incorrect authorization and improper input validation. Below is a detailed breakdown of each flaw:
1. CVE-2026-26289 (CVSS 8.2 - High)
- Type: Incorrect Authorization
- Impact: Allows an authenticated user with limited permissions to access sensitive information restricted to administrators.
- Affected Versions:
- PowerSYSTEM Center 2020 (5.8.x to 5.28.x)
- PowerSYSTEM Center 2024 (6.0.x to 6.1.x)
- PowerSYSTEM Center 2026 (7.0.x)
2. CVE-2026-33570 (CVSS 5.7 - Medium)
- Type: Incorrect Authorization
- Impact: Enables low-privilege users to access information beyond their operational permissions.
- Affected Versions:
- PowerSYSTEM Center 2020 (5.11.x to 5.28.x)
3. CVE-2026-35555 (CVSS 6.3 - Medium)
- Type: Incorrect Authorization
- Impact: Permits authenticated users to delete project groups without proper authorization.
- Affected Versions:
- PowerSYSTEM Center 2024 (6.0.x to 6.1.x)
- PowerSYSTEM Center 2026 (7.0.x)
4. CVE-2026-35504 (CVSS 5.5 - Medium)
- Type: CRLF Injection
- Impact: Affects the email notification service when using SMTPS communication, potentially allowing attackers to manipulate email headers or content.
- Affected Versions:
- PowerSYSTEM Center 2020 (≤5.28.x)
- PowerSYSTEM Center 2024 (6.0.x to 6.1.x)
- PowerSYSTEM Center 2026 (7.0.x)
#### Attack Vector
These vulnerabilities are not remotely exploitable but require authenticated access to the PowerSYSTEM Center platform. Attackers with low-privilege accounts could:
- Exploit incorrect authorization flaws to escalate privileges and access restricted data.
- Leverage CRLF injection to manipulate email notifications, potentially leading to phishing attacks or data exfiltration.
- Delete critical project groups, disrupting operational workflows.
Impact Assessment
#### Sectors at Risk
PowerSYSTEM Center is deployed across critical infrastructure sectors, including:
- Energy: Power generation, transmission, and distribution systems.
- Critical Manufacturing: Industrial control systems in manufacturing plants.
A successful exploit could lead to:
- Data breaches: Exposure of sensitive operational or administrative data.
- Operational disruptions: Unauthorized deletion of project groups or manipulation of system configurations.
- Reputation damage: Loss of trust in the affected organization’s security posture.
#### Global Reach
Subnet Solutions, headquartered in Canada, serves customers worldwide. The widespread deployment of PowerSYSTEM Center amplifies the potential impact of these vulnerabilities.
Mitigation Steps
Subnet Solutions has released patches and mitigation strategies to address these vulnerabilities. Organizations using PowerSYSTEM Center are urged to take the following steps:
### Immediate Actions
1. Apply Patches:
- Update to the latest versions:
- PSC 2020 Update 29
- PSC 2024 Update 2
- PSC 2026 GA Hotfix
2. Contact Support:
- Reach out to Subnet Solutions’ System Integration team or customer support for assistance:
- Phone: (403) 270-8885
- Email: [[email protected]](mailto:[email protected])
### Long-Term Best Practices
1. Monitor User Activity:
- Ensure users adhere to acceptable usage policies and monitor for suspicious behavior.
2. Restrict Access:
- Limit Notification Settings and Send from Address configurations to trusted administrators.
3. Configure Alerts:
- Set up notification rules to trigger alerts for bulk account export activities or unauthorized changes.
4. Network Segmentation:
- Isolate OT systems from business networks using firewalls and Virtual Private Networks (VPNs).
5. Defensive Measures:
- Follow CISA’s recommended practices for OT security, including defense-in-depth strategies and regular risk assessments.
## Conclusion
The discovery of four critical vulnerabilities in Subnet Solutions PowerSYSTEM Center underscores the importance of proactive OT security. While these flaws require authenticated access, their potential impact on critical infrastructure sectors cannot be underestimated. Organizations must apply patches immediately, monitor system activity, and implement long-term security best practices to mitigate risks.
As OT systems become increasingly interconnected, the need for robust cybersecurity measures has never been greater. Stay vigilant, stay updated, and prioritize the security of your operational technology environments.
## References
[^1]: CISA. "ICS Advisory (ICSA-26-132-02) - Subnet Solutions PowerSYSTEM Center". Retrieved 2024-10-02.
[^2]: MITRE. "CWE-863: Incorrect Authorization". Retrieved 2024-10-02.
[^3]: MITRE. "CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')". Retrieved 2024-10-02.
[^4]: Subnet Solutions. "PowerSYSTEM Center Support". Retrieved 2024-10-02.