Grid Protection Alliance Vulnerabilities Responses

GPA's Definition of a Vulnerability
GPA's Approach to Coordinated Vulnerability Disclosure

Most Recent

...
Vulnerability
Permanent Cross-Site-Scripting Vulnerability in openPDC and openHistorian

A critical vulnerability has been identified in both openPDC and openHistorian, which allows an attacker to perform Permanent Cross-Site-Scripting via configuration objects.

...
Grid Protection Alliance
March 2025
...
Vulnerability
Command Execution via Arbitrary File Write in openPDC and openHistorian

A critical vulnerability has been identified in both openPDC and openHistorian, which allows an attacker to perform command execution by leveraging arbitrary file write.

...
Grid Protection Alliance
November 2024
...
Vulnerability
Response to global Microsoft and Crowdstrike Outage

Most GPA Products are deployed on Premise and not affected by the ongoing global outage. Any openHistorian and openXDA systems hosted by GPA for our clients are also not affected by this outage. A small number of deployments using Microsoft services for authentication may be partially affected.

...
Grid Protection Alliance
July 2024

Previous Vulnerabilities News

March 2025

Permanent Cross-Site-Scripting Vulnerability in openPDC and openHistorian

November 2024

Command Execution via Arbitrary File Write in openPDC and openHistorian

July 2024

Response to global Microsoft and Crowdstrike Outage

April 2024

Update to CISA WiX Toolset Vulnerability

February 2024

Response to CISA Wix Toolset Vulnerability

January 2022

Response to Grafana Vulnerability Update

December 2021

Response to CISA Apache Log4j Vulnerability Update

Contact

For inquiries, email us at
info@GridProtectionAlliance.org

Follow us