Zero Day Vulnerabilities Detected With APC UPS SmartConnect

By Robinson Roca
Managing Director, Network Infrastructure

Schneider Electric has announced three zero-day vulnerabilities in APC UPS devices, discovered by Armis Labs. Two of them, CVE-2022-22805 and CVE-2022-22806, pertain to a newer method of management that uses Schneider Electric’s cloud management service, called “SmartConnect”. They allow an attacker to impersonate the cloud and control the UPS. The third, CVE-2022-0715, is more pervasive and affects many, if not most, models of APC UPSs: the software on most APC management modules is not cryptographically signed, so anyone could potentially create or manipulate APC software. An attacker may replace the software on the APC device and insert their own malicious code to create havoc on unsuspecting clients.

These devices should be upgraded to the latest software on Schneider’s website. Recent checks show that the update does not resolve these issues; a future update is expected to be released shortly. Helient recommends changing the default username and password on these devices and using the built-in access list feature to limit access to the management interface.

For details on these vulnerabilities, see https://www.armis.com/research/tlstorm/.

Helient’s Network Infrastructure team can assist with upgrades and locking down your UPS and PDU systems. If you have any questions or need assistance during this transition, please contact us at service@helient.com.