Serious security vulnerabilities have been discovered in two widely used data center solutions: CyberPower’s PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe’s iBoot Power Distribution Unit (PDU) [2]. These vulnerabilities have the potential to paralyze data centers, manipulate data [1], and enable large-scale attacks [1] [5] [6].
Description
The vulnerabilities in CyberPower’s PowerPanel Enterprise DCIM include three authentication bypass flaws and an OS command injection bug that could lead to authenticated remote code execution [2]. These vulnerabilities could be exploited by criminals to gain unauthorized access to the management interface and shut down devices in data centers [4]. The vulnerabilities also include the use of hard-coded credentials [4] [7], improper neutralization of escape sequences [4] [7], improperly implemented security checks [4] [7], and OS command injection [2] [4] [7].
On the other hand, the vulnerabilities in Dataprobe’s iBoot PDU include authentication bypass [2], authenticated remote code execution [1] [2], denial of service [1] [2], and tampering with the internal database [2]. These vulnerabilities could allow unauthorized access and control of power supply to devices [4]. The vulnerabilities also include deserialization of untrusted data [4], buffer overflow [4] [7], and use of hard-coded credentials [1] [4] [7].
Exploiting these vulnerabilities could allow attackers to gain full access to the systems and potentially create a backdoor or entry point to connected data center devices and enterprise systems [2]. This could lead to widespread ransomware, DDoS [3] [5] [6], or Wiper attacks [3].
Both CyberPower and Dataprobe have released fixes for these vulnerabilities, and organizations are advised to update their software and firmware immediately. It is also recommended to avoid exposing these platforms or devices to the wider internet [2], change all user account passwords [2], revoke leaked sensitive data [2], and subscribe to vendor security updates [2].
Conclusion
The vulnerabilities in CyberPower’s PowerPanel Enterprise DCIM and Dataprobe’s iBoot PDU pose significant risks to data centers and their operations. The potential impacts include power disruptions, data manipulation, and the spread of malware or ransomware. However, both companies have taken prompt action by releasing patches to address these vulnerabilities. It is crucial for organizations to update their software and take additional security measures to mitigate the risks. The discovery of these vulnerabilities highlights the importance of ongoing vigilance and the need for regular software updates to ensure the security of data center infrastructure.
References
[1] https://www.infosecurity-magazine.com/news/flaws-cyberpower-dataprobe/
[2] https://www.helpnetsecurity.com/2023/08/14/vulnerabilities-data-center-solutions/
[3] https://www.bankinfosecurity.com/multiple-flaws-uncovered-in-data-center-systems-a-22813
[4] https://cybersecuritynews.com/power-management-devices-flaw/
[5] https://secoperations.wordpress.com/2023/08/14/multiple-flaws-in-cyberpower-and-dataprobe-products-put-data-centers-at-risk/
[6] https://www.redpacketsecurity.com/multiple-flaws-in-cyberpower-and-dataprobe-products-put-data-centers-at-risk/
[7] https://www.hackread.com/data-center-disruption-espionage-malware-attacks/
