Wednesday, April 30, 2025
Homecyber securityCritical Vulnerabilities In APC Smart-UPS Devices Let Attackers Remotely Manipulate The Power

Critical Vulnerabilities In APC Smart-UPS Devices Let Attackers Remotely Manipulate The Power

Published on

SIEM as a Service

Follow Us on Google News

The cybersecurity firm, Armis has recently discovered that Schneider Electric’s subsidiary, APC Smart-UPS devices, are vulnerable to attacks, as, in PC Smart-UPS devices, three critical vulnerabilities were detected.

An APC Smart-UPS device is a type of backup battery that provides power back up to IT assets within a network. However, the three severe vulnerabilities that were discovered could allow an attacker to execute extreme attacks targeting both physical devices and IT assets remotely by taking over Smart-UPS devices.

The vulnerabilities were dubbed TLStorm, and by exploiting the detected critical flaws, an attacker can perform:-

- Advertisement - Google News
  • Remote code execution.
  • Replace firmware.
  • Potentially burn the entire unit.

Vulnerabilities that were uncovered by the recent APC security re-assessment are widespread and used in a variety of areas such as:- 

  • Government
  • Healthcare
  • Industrial
  • IT
  • Retail
  • OT/ICS environments
  • Residences
  • Server rooms
  • Energy suppliers

Vulnerabilities

Three critical vulnerabilities were detected, and here below, we have mentioned them all:-

  • CVE ID: CVE-2022-22806
  • Summary: TLS authentication bypass
  • Description: A state confusion in the TLS handshake leads to authentication bypass, leading to remote code execution (RCE) using a network firmware upgrade.
  • Severity: Critical
  • CVE ID: CVE-2022-22805
  • Summary: TLS buffer overflow
  • Description: A memory corruption bug in packet reassembly (RCE).
  • Severity: Critical
  • CVE ID: CVE-2022-0715
  • Summary: RCE
  • Description: Unsigned firmware upgrade that can be updated over the network (RCE).
  • Severity: Critical

Affected Products

Below we have mentioned all the products that are affected:-

  • Smart-UPS SMT and SMC Series
  • SmartConnect SMT and SMC Series
  • Smart-UPS SCL, SMX, and SRT Series
  • SmartConnect SMTL, SCL, and SMX Series

Risk Aspect

Armis has claimed that these critical vulnerabilities were detected in the SmartConnect and Smart-UPS family of products which of APC would leave the devices exposed to several attacks.

The CVE-2022-22805 and CVE-2022-22806 were found in the implementation of the TLS; it’s a protocol that creates a link between Smart-UPS devices and SmartConnect, a cloud management feature of Schneider Electric.

The CVE-2022-0715 is the third one that is related to the firmware of almost all APC Smart-UPS devices, an unsigned firmware upgrade that can be updated over the network.

Security Recommendations

The cybersecurity analysts at Armis security firm has recommended a few security mitigations:-

  • From the Schneider Electric website, immediately install all the available patches.
  • Locate and isolate all the remote devices, control, and safety system networks that are behind firewalls.
  • Never connect any programming software to an unknown network.
  • Do not allow mobile devices that have connected to any other network.
  • Make sure that all the control system devices and systems are not accessible from the Internet.
  • Make sure to deploy access control lists (ACLs) in which the UPS devices are only allowed to communicate.
  • Always use VPNs whenever remote access is required.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Latest articles

Trellix Launches Phishing Simulator to Help Organizations Detect and Prevent Attacks

Trellix, a leader in cybersecurity solutions, has unveiled its latest innovation, the Trellix Phishing...

AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens

Darktrace's Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been...

Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising...

Researchers Reveal Threat Actor TTP Patterns and DNS Abuse in Investment Scams

Cybersecurity researchers have uncovered the intricate tactics, techniques, and procedures (TTPs) employed by threat...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens

Darktrace's Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been...

Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising...

Researchers Reveal Threat Actor TTP Patterns and DNS Abuse in Investment Scams

Cybersecurity researchers have uncovered the intricate tactics, techniques, and procedures (TTPs) employed by threat...