CVE-2023-6631: CWE-428 in Subnet Solutions Inc. PowerSYSTEM Center

Severity: High
Published: Mon Jan 08 2024 (01/08/2024, 19:04:41 UTC)
Source: CVE Database V5
Vendor/Project: Subnet Solutions Inc.
Product: PowerSYSTEM Center

Description

PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.

AI-Powered Analysis

Last updated: 07/04/2025, 01:41:00 UTC

Technical Analysis

CVE-2023-6631 is a high-severity vulnerability identified in Subnet Solutions Inc.'s PowerSYSTEM Center, specifically affecting versions 2020 Update 16 and prior (notably 2020 v5.0.x). The vulnerability is categorized under CWE-428, which pertains to unquoted search path or element vulnerabilities. This issue arises when the software installs services with unquoted paths containing spaces, allowing an authorized local user to insert arbitrary executable code by placing malicious binaries in directories that the system searches when launching the service. Because the service path is unquoted, Windows may interpret the path incorrectly and execute the malicious code with elevated privileges. Exploitation requires local access with some level of authorization (local privileges), but no user interaction is needed once access is obtained. The vulnerability allows privilege escalation, potentially granting an attacker SYSTEM-level control over the affected host. The CVSS v3.1 score of 7.8 reflects high severity, with high impact on confidentiality, integrity, and availability, and relatively low attack complexity. Although no known exploits are currently reported in the wild, the vulnerability poses a significant risk in environments where PowerSYSTEM Center is deployed, especially in industrial control or critical infrastructure contexts where this product is used for system management and monitoring.

Potential Impact

For European organizations, the impact of CVE-2023-6631 can be substantial, particularly for those in sectors relying on industrial control systems (ICS), utilities, manufacturing, and critical infrastructure management where PowerSYSTEM Center is deployed. Successful exploitation can lead to full system compromise on affected hosts, enabling attackers to manipulate system configurations, disrupt operations, or exfiltrate sensitive data. Given the high privileges gained, attackers could also move laterally within networks, increasing the risk of broader organizational compromise. This vulnerability undermines the integrity and availability of critical management systems, potentially causing operational downtime or safety risks. European organizations with stringent regulatory requirements around cybersecurity and data protection (e.g., GDPR, NIS Directive) may face compliance risks if such vulnerabilities are exploited. The local access requirement somewhat limits remote exploitation but does not eliminate risk, especially in environments where insider threats or compromised user accounts are possible.

Mitigation Recommendations

Mitigation should focus on immediate patching or upgrading to a version of PowerSYSTEM Center that addresses the unquoted service path issue, although no specific patch links are currently provided. In the absence of an official patch, organizations should manually inspect service configurations for executable paths that contain spaces but are not enclosed in quotes, and correct them by quoting the executable paths or restructuring directory names to avoid spaces. Restrict local user permissions to the minimum necessary to prevent unauthorized code placement in directories searched by services. Employ application whitelisting and endpoint protection solutions to detect and block unauthorized executable files. Conduct regular audits of service configurations and monitor for unusual local activity indicative of privilege escalation attempts. Network segmentation and strict access controls can limit the ability of attackers to gain local access to critical systems. Additionally, educating authorized users about the risks of local privilege escalation and enforcing strong authentication controls can reduce the likelihood of exploitation.
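The manual inspection described above, as an added PowerShell example (not code from the vendor or the advisory): it flags services whose executable path contains spaces but is not quoted, and prints the quoted form to apply. The function name and the sample paths are constructed for illustration, and splitting at the first `.exe` is a heuristic assumption.

```powershell
# Added example: audit service paths for CWE-428 (unquoted path with spaces).
function Get-QuotedServicePath {
    param([Parameter(Mandatory)][string]$PathName)

    $p = $PathName.Trim()
    if ($p.StartsWith('"')) { return $null }        # already quoted

    # Heuristic: the executable is everything up to the first ".exe" that is
    # followed by whitespace or end of string; the remainder is arguments.
    if ($p -notmatch '^(?<exe>.+?\.exe)(?<args>\s.*)?$') { return $null }
    $exe     = $Matches['exe']
    $svcArgs = $Matches['args']                     # save before next -match

    if ($exe -notmatch '\s') { return $null }       # no space, not ambiguous
    return ('"{0}"{1}' -f $exe, $svcArgs)
}

# Constructed sample values (not taken from the advisory).
$samples = @(
    'C:\Program Files\Example Vendor\Example Service\svc.exe -run',
    '"C:\Program Files\Example Vendor\Example Service\svc.exe" -run',
    'C:\Windows\System32\svchost.exe -k netsvcs'
)
foreach ($s in $samples) {
    $fix = Get-QuotedServicePath -PathName $s
    if ($fix) { "UNQUOTED: $s`n  quote as: $fix" } else { "ok:       $s" }
}

# On a Windows host, run the same check against every installed service.
if ($env:OS -eq 'Windows_NT') {
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.PathName } |
        ForEach-Object {
            $fix = Get-QuotedServicePath -PathName $_.PathName
            if ($fix) {
                [pscustomobject]@{
                    Name      = $_.Name
                    StartName = $_.StartName      # account the service runs as
                    Current   = $_.PathName
                    Proposed  = $fix
                }
            }
        } | Format-List
}
```

The script only reports; the proposed value belongs in the service's `ImagePath` under `HKLM\SYSTEM\CurrentControlSet\Services\<service name>`, and any change should be verified by restarting the service in a maintenance window.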

Technical Details

Data Version: 5.1
Assigner Short Name: icscert
Date Reserved: 2023-12-08T17:28:43.750Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 683f0dc2182aa0cae27ff3ef

Added to database: 6/3/2025, 2:59:14 PM

Last enriched: 7/4/2025, 1:41:00 AM

Last updated: 8/5/2025, 12:07:31 PM
