Voltronic Power ViewPower Pro

🗓️ 23 Jan 2024 07:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics🔗 www.cisa.gov👁 35 Views

Voltronic Power ViewPower Pro UPS management software has multiple vulnerabilities including deserialization of untrusted data, missing authentication, OS command injection, and exposed dangerous function. Exploitation could lead to denial-of-service, unauthorized access, and remote code execution. It affects version 2.0-22165 and is used in Critical Manufacturing sectors worldwide. Mitigations include minimizing network exposure and keeping systems updated.

Reporter	Title	Published	Views	Family All 40
ATTACKERKB	CVE-2023-51570	1 Apr 202422:15	–	attackerkb
ATTACKERKB	CVE-2023-51572	1 Apr 202422:15	–	attackerkb
ATTACKERKB	CVE-2023-51573	1 Apr 202422:15	–	attackerkb
ATTACKERKB	CVE-2023-51571	1 Apr 202422:15	–	attackerkb
CNNVD	Voltronic Power ViewPower 安全漏洞	1 Apr 202400:00	–	cnnvd
CNNVD	Voltronic Power ViewPower 安全漏洞	1 Apr 202400:00	–	cnnvd
CNNVD	Voltronic Power ViewPower 安全漏洞	1 Apr 202400:00	–	cnnvd
CNNVD	Voltronic Power ViewPower 安全漏洞	1 Apr 202400:00	–	cnnvd
CNVD	Voltronic Power ViewPower Denial of Service Vulnerability (CNVD-2025-21590)	8 Apr 202400:00	–	cnvd
CNVD	Voltronic Power ViewPower Authentication Bypass Vulnerability	25 Dec 202300:00	–	cnvd

Source	Link
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-023-03.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-24-023-03
cisa	www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf
cisa	www.cisa.gov/topics/industrial-control-systems
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
cisa	www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B

23 Jan 2024 07:00Current

9.9High risk

Vulners AI Score9.9

CVSS 39.8

EPSS0.30347

SSVC