QID 590751
Date Published: 2022-05-10
QID 590751: Schneider Electric APC Smart-UPS SMT, SMC, SMX, SCL, SMTL and SRT Series Multiple Vulnerabilities (SEVD-2022-067-02)
Affected Products and Versions
Smart-UPS Family
SMT Series ID=18: UPS 09.8 and prior
SMT Series ID=1040: UPS 01.2 and prior
SMT Series ID=1031: UPS 03.1 and prior
SMC Series ID=1005: UPS 14.1 and prior
SMC Series ID=1007: UPS 11.0 and prior
SMC Series ID=1041: UPS 01.1 and prior
SCL Series ID=1030: UPS 02.5 and prior
SCL Series ID=1036: UPS 02.5 and prior
SMX Series ID=20: UPS 10.2 and prior
SMX Series ID=23: UPS 07.0 and prior
SRT Series ID=1010/1019/1025: UPS 08.3 and prior
SRT Series ID=1024: UPS 01.0 and prior
SRT Series ID=1020: UPS 10.4 and prior
SRT Series ID=1021: UPS 12.2 and prior
SRT Series ID=1001/1013: UPS 05.1 and prior
SRT Series ID=1002/1014: UPSa05.2 and prior
SmartConnect Family
SMT Series ID=1015: UPS 04.5 and prior
SMC Series ID=1018: UPS 04.2 and prior
SMTL Series ID=1026: UPS 02.9 and prior
SCL Series ID=1029: UPS 02.5 and prior
SCL Series ID=1030: UPS 02.5 and prior
SCL Series ID=1036: UPS 02.5 and prior
SCL Series ID=1037: UPS 03.1 and prior
SMX Series ID=1031: UPS 03.1 and prior
QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning
Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS if a key is leaked and used to upload malicious firmware
Customers are advised to refer to advisory SEVD-2022-067-02 for affected packages and patching details.
- SEVD-2022-067-02 -
www.se.com/ww/en/download/document/SEVD-2022-067-02/
CVEs related to QID 590751
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| SEVD-2022-067-02 |
www.se.com/ww/en/download/document/SEVD-2022-067-02/ |