Researchers from Team82 uncovered critical flaws in Dataprobe’s iBoot power distribution unit. As a result of the flaws, the threat actors were able to control and cut off the electric power to the systems or other connected devices, potentially impacting the targeted firms.
Team82 is the research division of Claroty, an industrial cybersecurity firm, that found seven vulnerabilities. One of these vulnerabilities is responsible for granting access to malicious actors invading systems to execute some malicious source codes.
The iboot power distribution unit is a cloud service that allows its users real-time control of the outlets from any location through web interfaces, Telnet, and SNMP.
According to Census Report 2021, over 2000 power distributing units were connected to the internet, with Dataprobe devices accounting for 31% of the total.
The iBoot power distribution unit was mentioned in the report by Team82, which can be managed remotely through web interfaces if the device is not connected directly to the internet, or through a cloud-based infrastructure that allows access to the device’s management page if the device is not directly connected to the internet.
Cyber attackers exploited this
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: