ICSA-22-263-03 · Published 2023-05-04 · View on CISA ICS-CERT ↗

Dataprobe iBoot-PDU

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could lead to unauthenticated remote code execution on the Dataprobe iBoot-PDU device.

CVEs (12)

CVE-2022-3183 CVE-2022-3184 CVE-2022-3185 CVE-2022-3186 CVE-2022-3187 CVE-2022-3188 CVE-2022-3189 CVE-2022-46658 CVE-2022-46738 CVE-2022-47320 CVE-2022-47311 CVE-2022-4945

Remediations

iBoot-PDU FW: Version 1.42.06162022
Dataprobe also recommends users to disable the SNMP if it is not in use.

Affected Vendors

Dataprobe

Affected Products (1)

Dataprobe · Dataprobe iBoot-PDU FW < 1.42.06162022

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more