Security Vulnerabilities in APC Smart-UPS Models
Schneider Electric recently published a security vulnerability in several APC Smart-UPS models which, if compromised, may allow for potential unauthorized access and control of the device, including remote shutdown. See more detail below.
Some of the latest APC Smart-UPS models are controlled through a Cloud connection. A recent study performed by Armis researchers found that an attacker exploiting the TLStorm vulnerabilities could remotely take over devices via the Internet without any user interaction or signs of attack. As a result, attackers can perform a remote-code execution (RCE) attack on a device, which in turn could be used to alter the operations of the UPS to physically damage the device itself or other assets connected to it.
Schneider Electric is aware of the vulnerabilities associated with APC Smart-UPS uninterruptable power supply devices which, if compromised, may allow for potential unauthorized access and control of the device. Upon learning of these vulnerabilities, Schneider has worked diligently to develop remediations and mitigations, and disclose in a timely, responsible manner so that our customers and end-users can better protect their people, assets, and operations.
Schneider is recommending that customers immediately install available firmware updates provided below, which include remediations to reduce the risk of successful exploitation of these vulnerabilities. In addition, customers should also immediately ensure they have implemented cybersecurity best practices across their operations to protect themselves from exploitation of these vulnerabilities. Where appropriate, this includes locating their systems and remotely accessible devices behind firewalls; installing physical controls to prevent unauthorized access; preventing mission-critical systems and devices from being accessed from outside networks. More information on recommended security practices can be found in the General Security Recommendations section below.
What Systems are Impacted?
|SMT Series ID=18: UPS 09.8 and prior SMT Series ID=1040: UPS 01.2 and prior SMT Series ID=1031: UPS 03.1 and prior||CVE-2022-0715|
|SMC Series ID=1005: UPS 14.1 and prior
SMC Series ID=1007: UPS 11.0 and prior SMC Series ID=1041: UPS 01.1 and prior
|SCL Series||SCL Series ID=1030: UPS 02.5 and prior SCL Series ID=1036: UPS 02.5 and prior||
|SMX Series||SMX Series ID=20: UPS 10.2 and prior SMX Series ID=23: UPS 07.0 and prior|
|SRT Series ID=1010/1019/1025: UPS 08.3 and prior SRT Series ID=1024: UPS 01.0 and prior
SRT Series ID=1020: UPS 10.4 and prior SRT Series ID=1021: UPS 12.2 and prior
SRT Series ID=1001/1013: UPS 05.1 and prior SRT Series ID=1002/1014: UPSa05.2 and prior
|SMT Series||SMT Series ID=1015: UPS 04.5 and prior||
CVE-2022-22805 CVE-2022-22806 CVE-2022-0715
|SMC Series||SMC Series ID=1018: UPS 04.2 and prior|
|SMTL Series||SMTL Series ID=1026: UPS 02.9 and prior|
|SCL Series ID=1029: UPS 02.5 and prior SCL Series ID=1030: UPS 02.5 and prior SCL Series ID=1036: UPS 02.5 and prior
SCL Series ID=1037: UPS 03.1 and prior
|SMX Series||SMX Series ID=1031: UPS 03.1 and prior|
What Can You Do?
Schneider / APC recommends that customers immediately install available firmware updates provided below, which include remediations to reduce the risk of successful exploitation of these vulnerabilities.
You can learn more by visiting their Customer Care Center, or visiting the Schneider Electric’s published Security Notification on this issue here
If you are not sure if your UPS system falls in these parameters, or need hands on support, contact Quality Power Solutions today!