Security Alert: APC UPS vulnerability
March 14, 2022
Schneider Electric has announced that vulnerabilities associated with APC Smart-UPS uninterruptable power supply devices which, if compromised, may allow for potential unauthorized access and control of the device.

Schneider Electric published Security Advisories to highlight vulnerabilities in the following products:

  • EcoStruxure Control Expert – version V15.0 SP1 and prior
  • EcoStruxure Process Expert – version V2021 and prior
  • Ritto Wiser Door – all versions
  • SmartConnect Family – multiple versions and platforms
  • Smart-UPS Family – multiple versions and platforms


In a statement, Schneider Electric advises the following:

"We recommend that customers immediately install available firmware updates provided below, which include remediations to reduce the risk of successful exploitation of these vulnerabilities. In addition, customers should also immediately ensure they have implemented cybersecurity best practices across their operations to protect themselves from exploitation of these vulnerabilities."

Customers are encouraged to perform the suggested mitigations and apply the necessary updates as soon as possible.

For a list of all affected models and how to apply the security updates, please visit Schneider Electric Security Notification

Source: Canadian Centre for Cyber Security

Please help us improve our website by providing your feedback

Please help us improve our website by providing your feedback