Blended (Cyber-Physical) Threat Awareness – APC Smart-UPS Devices Vulnerable to Remote Exploitation Could have Physical Impacts

UPS (uninterruptible power supply) devices are widely relied on to keep our computer networks operational during a short-term power outage and to allow for graceful shutdowns in the event of longer-term power failures. But UPS devices can be a set it and forget it part of our network. A recent trio of vulnerabilities dubbed TLStorm highlight why UPS devices shouldn’t be neglected.

Armis recently disclosed three vulnerabilities (CVE-2022-22806, CVE-2022-22805, CVE-2022-0715) impacting APC UPS devices (APC is a subsidiary of Schneider Electric) that could be remotely exploited to cause a UPS to become completely inoperable or potentially destroyed. According to Schneider Electric, the vulnerabilities impact SMT, SMC, SCL, SMX, SRT, and SMTL series products. Given widespread global use of APC Smart-UPS devices, including use in data centers, hospitals and industrial facilities, Armis estimates nearly 80% of organizations could be vulnerable to this flaw. Members using the impacted APC UPS devices are encouraged to review the Schneider Electric security advisory for patches and mitigations and address accordingly to reduce the risk of exploitation. For more, visit SecurityWeek or Armis.