[Nut-upsuser] UPS's with TLS vulnerabilies: patch now!
Roger Price
roger at rogerprice.org
Wed Jul 13 10:29:40 BST 2022
On Wed, 13 Jul 2022, gene heskett wrote:
> Question for Roger: Your alert about TLSstorm does not apply to apc's using
> the usbhid-ups driver?
Hello Gene, It's currently independent of the NUT driver used. The APC
Smart-UPS feature called "SmartConnect" has its own RJ45 port on the back of the
unit, independent of the USB port that might be used by the usbhid-ups driver.
The UPS is programmed to connect directly to Schneider Electric cloud services,
port 443 on lwm2m.na.struxurewarecloud.com, using I suppose the https protocol.
The FAQ https://www.apc.com/ae/en/faqs/FAQ000230321/ describes the hole that
must be created in the firewall to allow SmartConnect to work. I've heard that
clients who offer their data to Schneider/APC get a year's extra warranty.
Although SmartConnect is currently separate from the other interface ports,
Schneider/APC marketing might well like to have SmartConnect as the only
connector, with as much logic as possible transferred to Schneider Electric
cloud services. The literature calls it the First Cloud-enabled UPS, providing
added value and peace of mind. For more detail read the 13 page PDF at
https://ckm-content.se.com/ckmContent/sfc/servlet.shepherd/document/download/0691H00000FWcBtQAL
Roger
More information about the Nut-upsuser
mailing list