彙總 subnet 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 輸入驗證問題與跨站腳本 等問題,部分漏洞可能導致 記憶體損壞,並影響 軟體部署與生產負載 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2023-6631 | PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges. | [email protected] | 7.8 | 0.17% | 2024-01-08 | 2024-11-21 |
| CVE-2023-32659 | SUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications. | [email protected] | 6.5 | 0.38% | 2023-06-19 | 2024-11-21 |
| CVE-2023-29158 | SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity. | [email protected] | 6.1 | 0.58% | 2023-06-19 | 2024-11-21 |
| CVE-2014-2357 | The GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2 before SSNET 2.12 HF18808 allows remote attackers to cause a denial of service (persistent service crash) via a long RTU-to-Master message. | [email protected] | 8.3 | 2.76% | 2014-08-11 | 2026-05-06 |
| CVE-2013-2788 | The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 and 2.8.0106 allows remote attackers to cause a denial of service (unhandled exception and process crash) via unspecified vectors. | [email protected] | 4.3 | 1.16% | 2013-09-17 | 2026-04-29 |