Security researchers have found several vulnerabilities affecting many models of APC Smart-UPS uninterruptible power supplies that could be exploited to take over the devices. UPS devices are used across many industries to keep mission-critical devices running in case of power loss.

“Two of these are remote code execution (RCE) vulnerabilities in the code handling the cloud connection, making these vulnerabilities exploitable over the Internet,” researchers from security firm Armis, who found the flaws, said in a report. The company has dubbed the vulnerabilities TLStorm because they’re located in the TLS implementation used in cloud-connected Smart-UPS devices.

To read this article in full, please click here

source

You May Also Like

AT&T launches managed XDR suite to provide endpoint-to-cloud security

By Shweta Sharma Senior Writer, CSO | AT&T has launched a cloud-based,…

One Identity Builds Upon Partner Program Growth with Focus on Partner Needs, Partner Business Model Development

One Identity, a leader in unified identity security, announced yesterday that its…