CVE-2025-48058: CWE-1333: Inefficient Regular Expression Complexity in powsybl powsybl-core
PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in the PowSyBl's DataSource mechanism. If successfully exploited, a malicious actor can cause significant CPU consumption due to regex backtracking — even with polynomial patterns. This issue has been patched in com.powsybl:powsybl-commons: 6.7.2.
AI Analysis
Technical Summary
CVE-2025-48058 identifies a Regular Expression Denial of Service (ReDoS) vulnerability in the PowSyBl framework, specifically within the powsybl-core component prior to version 6.7.2. PowSyBl is an open-source framework designed to facilitate the development of power system software, widely used for modeling and simulation of electrical grids. The vulnerability arises from inefficient regular expression handling in the DataSource mechanism, where certain polynomial-complexity regex patterns can cause excessive CPU consumption due to backtracking. Unlike typical exponential ReDoS patterns, this vulnerability involves polynomial complexity, which can still significantly degrade performance under crafted input conditions. Exploitation does not require authentication or user interaction, and the attack vector is network-based, allowing remote attackers to send maliciously crafted data to trigger the CPU exhaustion. The vulnerability impacts confidentiality minimally but poses a notable risk to availability by potentially causing denial of service through resource exhaustion. The issue has been addressed in version 6.7.2 of the powsybl-commons library, which includes optimized regex handling to prevent excessive backtracking. No known exploits have been reported in the wild as of the publication date, but the medium CVSS 6.3 score reflects the moderate risk due to ease of exploitation and potential impact on system availability. The vulnerability is tracked under CWE-1333, which relates to inefficient regular expression complexity leading to performance degradation.
Potential Impact
For European organizations, particularly those involved in energy infrastructure, utilities, and grid management, this vulnerability could disrupt critical power system software operations. PowSyBl is used in power system modeling and simulation, which are essential for grid stability, planning, and real-time management. An attacker exploiting this ReDoS vulnerability could cause service outages or degraded performance in systems relying on vulnerable versions, potentially impacting operational continuity. Given the critical nature of power systems in Europe and the increasing digitization of energy infrastructure, such disruptions could have cascading effects on energy supply reliability and operational decision-making. While the vulnerability does not directly compromise data confidentiality or integrity, the availability impact could hinder monitoring, control, and simulation activities, affecting grid resilience. Organizations with automated or remote data ingestion processes using PowSyBl are particularly at risk, as the attack vector is network accessible and does not require authentication or user interaction. The absence of known exploits suggests that immediate widespread impact is unlikely, but proactive mitigation is essential to prevent future attacks.
Mitigation Recommendations
1. Immediate upgrade to PowSyBl version 6.7.2 or later, which contains the patched powsybl-commons library with optimized regex handling to eliminate the ReDoS vulnerability.
2. Implement input validation and sanitization on all data sources feeding into PowSyBl components to detect and reject suspiciously complex or malformed inputs that could trigger regex backtracking.
3. Deploy resource usage monitoring and alerting on CPU consumption patterns within systems running PowSyBl to detect anomalous spikes indicative of ReDoS attempts.
4. Apply network-level protections such as rate limiting, anomaly detection, and filtering to restrict the volume and nature of incoming data to the DataSource mechanism, reducing exposure to crafted malicious inputs.
5. Conduct security testing including fuzzing and regex complexity analysis on custom data inputs to identify potential new attack vectors.
6. Maintain an up-to-date inventory of PowSyBl deployments and versions across the organization to ensure timely patch management.
7. Collaborate with power system software vendors and community to share threat intelligence and best practices for securing power grid simulation tools.
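Recommendation 5 asks for regex complexity analysis. The following is an added example, not part of this advisory and not PowSyBl's code; it is written in Python rather than PowSyBl's Java because the backtracking behaviour it examines is the same in both engines. It walks a pattern's parse tree to flag the two hazards the analysis above distinguishes, nested unbounded quantifiers (exponential backtracking) and adjacent unbounded quantifiers over overlapping atoms (polynomial backtracking), and times a match on inputs of doubling length so that superlinear growth shows up before deployment. Every pattern in it is a constructed illustration; the DataSource pattern behind CVE-2025-48058 is not given on this page, and the static check is a conservative heuristic that flags patterns for review rather than proving them safe.

```python
"""Static heuristics for two regex backtracking hazards, nested unbounded
quantifiers (exponential) and adjacent unbounded quantifiers over overlapping
atoms (polynomial), plus a wall-clock growth check.

Added illustration, not PowSyBl code. All patterns here are constructed
examples; the DataSource pattern behind CVE-2025-48058 is not on the page.
"""
import re
import time

try:  # Python 3.11+ keeps the regex parser in a private module
    from re import _parser as sre_parse
except ImportError:  # Python <= 3.10
    import sre_parse

REPEATS = (sre_parse.MAX_REPEAT, sre_parse.MIN_REPEAT)
UNBOUNDED = sre_parse.MAXREPEAT  # upper bound the parser uses for '*', '+', '{n,}'
NESTED = "nested unbounded quantifier (exponential risk)"
ADJACENT = "adjacent overlapping unbounded quantifiers (polynomial risk)"


def _canon(items):
    """Comparable form of a parsed subpattern (SubPattern objects have no
    __eq__, so they are flattened into nested tuples)."""
    out = []
    for op, av in items:
        if op in REPEATS:
            out.append((op, av[0], av[1], _canon(av[2])))
        elif op == sre_parse.SUBPATTERN:
            out.append(("GROUP", _canon(av[-1])))
        elif op == sre_parse.BRANCH:
            out.append(("BRANCH", tuple(_canon(b) for b in av[1])))
        else:
            out.append((op, repr(av)))
    return tuple(out)


def _is_unbounded(item):
    op, av = item
    return op in REPEATS and av[1] == UNBOUNDED


def _may_overlap(body_a, body_b):
    """Conservative overlap test for the bodies of two adjacent repeats:
    identical bodies, or a body that is a bare '.'. A full first-set
    analysis would catch more cases; this keeps false positives low."""
    dot = ((sre_parse.ANY, repr(None)),)
    ca, cb = _canon(body_a), _canon(body_b)
    return ca == cb or ca == dot or cb == dot


def _walk(items, inside_unbounded, findings):
    prev = None
    for item in items:
        op, av = item
        if op in REPEATS:
            unbounded = av[1] == UNBOUNDED
            if unbounded and inside_unbounded:
                findings.append(NESTED)  # e.g. (a+)+
            if (unbounded and prev is not None and _is_unbounded(prev)
                    and _may_overlap(prev[1][2], av[2])):
                findings.append(ADJACENT)  # e.g. a*a*  or  \s*\s*
            _walk(av[2], inside_unbounded or unbounded, findings)
        elif op == sre_parse.SUBPATTERN:
            _walk(av[-1], inside_unbounded, findings)
        elif op == sre_parse.BRANCH:
            for branch in av[1]:
                _walk(branch, inside_unbounded, findings)
        elif op in (sre_parse.ASSERT, sre_parse.ASSERT_NOT):
            _walk(av[1], inside_unbounded, findings)
        prev = item
    return findings


def check_pattern(pattern):
    """Return a list of hazard descriptions for `pattern` (empty if none)."""
    return _walk(sre_parse.parse(pattern), False, [])


def time_match(pattern, text):
    """Wall-clock seconds for one fullmatch attempt. Run it on inputs of
    doubling length: a ratio well above 2 between steps signals superlinear
    matching, which is what a ReDoS-prone pattern exhibits."""
    start = time.perf_counter()
    re.fullmatch(pattern, text)
    return time.perf_counter() - start


if __name__ == "__main__":
    for pat in (r"^(a+)+$", r"^a*a*$", r"^\s*\s*,", r"^\w+@\w+\.\w+$"):
        print(f"{pat:18} -> {check_pattern(pat) or ['no finding']}")
    # Dynamic check on the quadratic pattern: the non-matching tail forces the
    # engine to try every split of the 'a' run between the two quantifiers.
    for n in (1000, 2000, 4000):
        print(f"n={n:5d}  {time_match(r'^a*a*$', 'a' * n + '!'):.4f}s")
```

Wire `check_pattern` into a unit test or pre-commit hook over every pattern the code base compiles, and keep `time_match` for the dynamic side of recommendation 5: a pattern that passes the static heuristic but whose match time quadruples when the input doubles still needs an input-length cap or a rewrite.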
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Poland, Sweden, Czech Republic
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-05-15T16:06:40.940Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 6854af7f7ff74dad36a0b066
Added to database: 6/20/2025, 12:46:55 AM
Last enriched: 6/20/2025, 1:02:34 AM
Last updated: 8/4/2025, 2:21:16 AM