APC UPS zero-day bugs can remotely burn out devices, disable power


Vulnerability

A set of three critical zero-day vulnerabilities now tracked as TLStorm could let hackers take control of uninterruptible power supply (UPS) devices from APC, a subsidiary of Schneider Electric.

The flaws affect APC Smart-UPS systems, which are widely used across sectors including government, healthcare, industrial, IT, and retail.

Mitigation recommendations

  1. Install the patches available on the Schneider Electric website.
  2. If you are using the NMC, change the default NMC password (“apc”) and install a publicly-signed SSL certificate so that an attacker on your network will not be able to intercept the new password. To further limit the attack surface of your NMC, refer to the Schneider Electric Security Handbook for NMC 2 and NMC 3.
  3. Deploy access control lists (ACLs) in which the UPS devices are only allowed to communicate with a small set of management devices and the Schneider Electric Cloud via encrypted communications.
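
An added example, not from the original article, Armis, or Schneider Electric: a Python check that applies the ACL policy from recommendation 3 to flow records, showing which UPS conversations the ACL would reject before it is enforced. The UPS subnet, management hosts, cloud range (a documentation placeholder) and encrypted-port set are assumptions, and the flow records are constructed.

```python
import ipaddress

# All values below are assumptions for illustration; substitute your own inventory.
UPS_NET = ipaddress.ip_network("10.20.30.0/28")        # hypothetical UPS/NMC subnet
MGMT_HOSTS = {ipaddress.ip_address("10.20.1.10"),      # hypothetical management stations
              ipaddress.ip_address("10.20.1.11")}
CLOUD_NETS = [ipaddress.ip_network("203.0.113.0/24")]  # placeholder standing in for the vendor cloud
ENCRYPTED_PORTS = {22, 443}                            # assumed: only SSH and HTTPS count as encrypted

# Constructed flow records: (source IP, destination IP, destination port)
SAMPLE_FLOWS = [
    ("10.20.1.10", "10.20.30.5", 443),    # management -> UPS over HTTPS: allowed
    ("10.20.30.5", "203.0.113.7", 443),   # UPS -> cloud over TLS: allowed
    ("10.20.1.10", "10.20.30.5", 80),     # management -> UPS over HTTP: unencrypted
    ("10.20.30.6", "198.51.100.9", 443),  # UPS -> unknown external host
    ("10.20.40.77", "10.20.30.5", 443),   # workstation -> UPS: not a management device
    ("10.20.1.10", "10.20.1.11", 8080),   # no UPS involved: out of scope
]

def audit_flow(src, dst, port):
    """Return None if the flow complies (or involves no UPS), else a reason string."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s not in UPS_NET and d not in UPS_NET:
        return None                       # policy only covers UPS traffic
    peer = d if s in UPS_NET else s       # the non-UPS end (or the other UPS)
    is_cloud = any(peer in net for net in CLOUD_NETS)
    if peer not in MGMT_HOSTS and not is_cloud:
        return "peer-not-allowed"         # UPS may talk only to management or cloud
    if port not in ENCRYPTED_PORTS:
        return "unencrypted"              # allowed peer, but cleartext protocol
    return None

def audit(flows):
    """Return [(flow, reason)] for every flow the ACL policy would reject."""
    return [(f, r) for f in flows if (r := audit_flow(*f)) is not None]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE_FLOWS):
        print(f"{reason:17} {flow[0]} -> {flow[1]}:{flow[2]}")
```

Running the same check over real flow exports before enabling the ACL helps find legitimate management traffic that the allowlist is missing.
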

Armis has published a technical whitepaper.
 