Fortinet Discovers Schneider Electric Smart-UPS SRT 5000 Debug Log File Publicly Accessible Vulnerability
Fortinet's FortiGuard Labs had discovered a Debug Log File Publicly Accessible vulnerability in Schneider Electric Smart-UPS SRT 5000 .
Schneider Electric Smart-UPS is an intelligent and efficient network power protection from entry level to scaleable runtime.
vulnerability is caused by insufficient user permissions in Smart-UPS
SRT 5000. Upon successful exploitation, it
allows attackers to read system private information.
Users should apply the solution provided by Schneider Electric.
The vulnerability affected Schneider Electric
Smart-UPS SRT 5000 Network Management Card 2 (NMC2) version 6.9.6 and earlier.
Fortinet reported the vulnerability to Schneider Electric on 8th January, 2021.
Schneider Electric confirmed the vulnerability on 20th January, 2021.
Schneider Electric released patch for the vulnerability on 9th November, 2021.