Monday, May 12, 2025
Homecyber securityCritical Vulnerabilities In APC Smart-UPS Devices Let Attackers Remotely Manipulate The Power

Critical Vulnerabilities In APC Smart-UPS Devices Let Attackers Remotely Manipulate The Power

Published on

SIEM as a Service

Follow Us on Google News

The cybersecurity firm, Armis has recently discovered that Schneider Electric’s subsidiary, APC Smart-UPS devices, are vulnerable to attacks, as, in PC Smart-UPS devices, three critical vulnerabilities were detected.

An APC Smart-UPS device is a type of backup battery that provides power back up to IT assets within a network. However, the three severe vulnerabilities that were discovered could allow an attacker to execute extreme attacks targeting both physical devices and IT assets remotely by taking over Smart-UPS devices.

The vulnerabilities were dubbed TLStorm, and by exploiting the detected critical flaws, an attacker can perform:-

- Advertisement - Google News
  • Remote code execution.
  • Replace firmware.
  • Potentially burn the entire unit.

Vulnerabilities that were uncovered by the recent APC security re-assessment are widespread and used in a variety of areas such as:- 

  • Government
  • Healthcare
  • Industrial
  • IT
  • Retail
  • OT/ICS environments
  • Residences
  • Server rooms
  • Energy suppliers

Vulnerabilities

Three critical vulnerabilities were detected, and here below, we have mentioned them all:-

  • CVE ID: CVE-2022-22806
  • Summary: TLS authentication bypass
  • Description: A state confusion in the TLS handshake leads to authentication bypass, leading to remote code execution (RCE) using a network firmware upgrade.
  • Severity: Critical
  • CVE ID: CVE-2022-22805
  • Summary: TLS buffer overflow
  • Description: A memory corruption bug in packet reassembly (RCE).
  • Severity: Critical
  • CVE ID: CVE-2022-0715
  • Summary: RCE
  • Description: Unsigned firmware upgrade that can be updated over the network (RCE).
  • Severity: Critical

Affected Products

Below we have mentioned all the products that are affected:-

  • Smart-UPS SMT and SMC Series
  • SmartConnect SMT and SMC Series
  • Smart-UPS SCL, SMX, and SRT Series
  • SmartConnect SMTL, SCL, and SMX Series

Risk Aspect

Armis has claimed that these critical vulnerabilities were detected in the SmartConnect and Smart-UPS family of products which of APC would leave the devices exposed to several attacks.

The CVE-2022-22805 and CVE-2022-22806 were found in the implementation of the TLS; it’s a protocol that creates a link between Smart-UPS devices and SmartConnect, a cloud management feature of Schneider Electric.

The CVE-2022-0715 is the third one that is related to the firmware of almost all APC Smart-UPS devices, an unsigned firmware upgrade that can be updated over the network.

Security Recommendations

The cybersecurity analysts at Armis security firm has recommended a few security mitigations:-

  • From the Schneider Electric website, immediately install all the available patches.
  • Locate and isolate all the remote devices, control, and safety system networks that are behind firewalls.
  • Never connect any programming software to an unknown network.
  • Do not allow mobile devices that have connected to any other network.
  • Make sure that all the control system devices and systems are not accessible from the Internet.
  • Make sure to deploy access control lists (ACLs) in which the UPS devices are only allowed to communicate.
  • Always use VPNs whenever remote access is required.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Latest articles

Open Source Linux Firewall IPFire 2.29 – Core Update 194 Released: What’s New!

IPFire, the powerful open-source firewall, has unveiled its latest release, IPFire 2.29 – Core...

Threat Actors Leverage DDoS Attacks as Smokescreens for Data Theft

Distributed Denial of Service (DDoS) attacks, once seen as crude tools for disruption wielded...

20-Year-Old Proxy Botnet Network Dismantled After Exploiting 1,000 Unpatched Devices Each Week

A 20-year-old criminal proxy network has been disrupted through a joint operation involving Lumen’s...

“PupkinStealer” – .NET Malware Steals Browser Data and Exfiltrates via Telegram

A new information-stealing malware dubbed “PupkinStealer” has emerged as a significant threat to individuals...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Threat Actors Leverage DDoS Attacks as Smokescreens for Data Theft

Distributed Denial of Service (DDoS) attacks, once seen as crude tools for disruption wielded...

20-Year-Old Proxy Botnet Network Dismantled After Exploiting 1,000 Unpatched Devices Each Week

A 20-year-old criminal proxy network has been disrupted through a joint operation involving Lumen’s...

“PupkinStealer” – .NET Malware Steals Browser Data and Exfiltrates via Telegram

A new information-stealing malware dubbed “PupkinStealer” has emerged as a significant threat to individuals...