CVE-2026-35555

Summary

PowerSYSTEM Center feature for device project groups allows an authenticated user with limited permissions to perform an unauthorized deletion of project groups.

Affected Software

VendorProductVersion RangeStatus
Subnet SolutionsPowerSYSTEM Center 20246.0.x <= 6.1.xaffected
Subnet SolutionsPowerSYSTEM Center 20267.0.xaffected

Weaknesses

  • CWE-863: CWE-863 Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References