Schneider Electric APC Smart-UPS buffer overflow | CVE-2022-22805
NAME
Schneider Electric APC Smart-UPS buffer overflow
- Platforms Affected:
Schneider Electric SMT Series 1015 UPS 04.5
Schneider Electric SMC Series 1018 UPS 04.2
Schneider Electric SMTL Series 1026 UPS 02.9
Schneider Electric SCL Series 1029 UPS 02.5
Schneider Electric SCL Series 1036 UPS 02.5
Schneider Electric SCL Series 1037 UPS 03.1
Schneider Electric SMX Series 1031 UPS 03.1
Schneider Electric SCL Series 1030 UPS 02.5 - Risk Level:
9 - Exploitability:
Unproven - Consequences:
Gain Access
DESCRIPTION
Schneider Electric APC Smart-UPS uninterruptable power supply devices are vulnerable to a TLS buffer overflow, caused by improper bounds checking by the implementation of the TLS (Transport Layer Security) protocol that connects the Smart-UPS devices with the “SmartConnect” feature to the Schneider Electric management cloud. By reassembling an improperly handled TLS packet, a remote attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges. Note: This vulnerability is known as TLStorm.
CVSS 3.0 Information
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Access Vector: Network
- Access Complexity: High
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
- Remediation Level: Official Fix
MITIGATION
Refer to Schneider Electric SEVD-2022-067-02 for patch, upgrade or suggested workaround information. See References.
- Reference Link:
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-02 - Reference Link:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22805
If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.