APC UPS Critical Zero Day TLStorm - PATCH NOW

Full list of affected devices PDF:

According to Armis, a complete remote takeover via the internet is possible as the devices are controlled through a cloud connection, potentially without even any signs of an attack through remote code execution. An exploitation could result in weaponized power outages or surges of battery function affecting both the power supply and other connected systems, as well as breaches of company data or installed malware.

Both vulns require no human interaction and can be exploited as a zero-click attack.

Armis said there’s currently no indication the flaws are being exploited in the wild. ®

Sorry not long on words, some of you probably have this stuff.

Get going.

2 Likes

Please tell me its called thunder lightning storm

3 Likes

Halt and catch fire?

1 Like

Holy shit and my dad my trying to convince me to use APC over Cyberpower or Eaton just the other day lol

3 Likes

Welp, I guess IOT reaches into more places it does not belong…

I understand why it should be an option, but this sounds more a requirement…

6 Likes

One more reason to distrust “the Cloud” and keep stuff local instead.

7 Likes

Thank goodness I dont have the smart connect.

4 Likes

I see you too like my response meme

1 Like

2 Likes

Master race

4 Likes

I found the underlying bug.

devices are controlled through a cloud connection

I don’t understand why that’s desirable. Presumably the network connection relies on the UPS…

8 Likes

CyberPower master race reporting.

3 Likes

Triplight for the win!!!

2 Likes

They were bought by Eaton :slight_smile:

1 Like

Finally, a hack that can burn a computer. Isnt this the first time?

1 Like

*Cough! nzxt h1 case *cough!

Thats not a hack but it certainly gets your pc on fire :rofl:

3 Likes

May not be a software hack but it’s definitely a hack job!!! :rofl:

3 Likes

Yeah that’s the scary part. Nothing happened yet but the potential is worrying.