Hackers have begun to attack internet-connected universal power supply devices, targeting their control interfaces via multiple remote code execution vulnerabilities and, in some cases, unchanged default usernames and passwords, according to an advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued on Tuesday.
UPS devices, in recent years, have received IoT upgrades, according to CISA – the idea being to allow users to control them remotely via the internet. However, like many other IoT devices, some UPSs have serious flaws in their security and authentication systems, which attackers have exploited to gain illicit access to them.
Go to Source of this post
Author Of this post: