In the increasingly complex cyber-environment, appropriate sustainable maintenance of substation auto systems (SASs) can lead to many positive effects on power cyber-physical systems (CPSs). Evaluating the cybersecurity risk of power CPSs is the first step in creating sustainable maintenance plans for SASs. In this paper, a mathematical framework for evaluating the cybersecurity risk of a power CPS is proposed considering both the probability of successful cyberattacks on SASs and their consequences for the power system. First, the cyberattacks and their countermeasures are introduced, and the probability of successful cyber-intruding on SASs is modeled from the defender’s perspective. Then, a modified hypergraph model of the SAS’s logical structure is established to quantitatively analyze the impacts of cyberattacks on an SAS. The impacts will ultimately act on the physical systems of the power CPS. The modified hypergraph model can describe more information than a graph or hypergraph model and potentially can analyze complex networks like CPSs. Finally, the feasibility and effectiveness of the proposed evaluation method is verified by the IEEE 14-bus system, and the test results demonstrate that this proposed method is more reasonable to assess the cybersecurity risk of power CPS compared with some other models.