Multiple Severe Flaws Uncovered in CyberPower and Dataprobe Products

Alarm bells are ringing for the security of critical data centre operations after a number of security flaws were uncovered in Dataprobe’s iBoot power distribution unit (PDU) and CyberPower’s PowerPanel Enterprise Data Centre Infrastructure Management (DCIM) platform. 

The consequences of these vulnerabilities were outlined in a blog post written earlier this week by Trellix cybersecurity researchers Sam Quinn, Jesse Chick, and Philippe Laulheret. 

With severity ratings ranging from 6.7 to 9.8, these flaws might allow malicious actors to carry out large-scale attacks, penetrate and manipulate data, and even shut down entire data centres. 

The Dataprobe iBoot PDU vulnerabilities include CVE-2023-3259, which lets an attacker bypass authentication through deserialization of untrusted data, and CVE-2023-3260, which permits authenticated remote code execution via OS command injection.

A buffer overflow vulnerability known

[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents