"Unpatched Vulnerabilities Expose Riello UPSs to Hacking: Security Firm"

CyberDanube, an Austrian industrial cybersecurity company, says hackers can take control of Riello Uninterruptible Power Supply (UPS) devices by exploiting unpatched vulnerabilities. The Italy-based Riello Elettronica is an electrical manufacturing sector company, leading in the UPS market. CyberDanube reports that the vendor has failed to fix two vulnerabilities in its NetMan 204 network communications card, which integrates Riello UPS systems into medium or large networks. The first issue is a SQL injection vulnerability that can modify log data without authentication. The second enables unauthenticated attackers to obtain an ID associated with a device. This article continues to discuss findings regarding the vulnerabilities exposing Riello UPSs to hacking.

SecurityWeek reports "Unpatched Vulnerabilities Expose Riello UPSs to Hacking: Security Firm"

Submitted by grigby1

Submitted by Gregory Rigby on