Dataprobe iBoot-PDU
Act Now | 9.8 | ICS-CERT ICSA-22-263-03 | Sep 20, 2022
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Dataprobe iBoot-PDU firmware versions prior to 1.43.03312023 contain multiple critical vulnerabilities including command injection (CWE-78), path traversal (CWE-22), information disclosure (CWE-200), and improper access controls (CWE-284, CWE-863). These flaws allow an unauthenticated attacker with network access to execute arbitrary commands, read configuration and credential files, or manipulate power outlet states. The vulnerabilities stem from insufficient input validation and weak authentication mechanisms across web interfaces and SNMP functionality.
What this means
What could happen
An attacker with network access to a Dataprobe iBoot-PDU could remotely execute commands, read sensitive data (like administrative credentials), or disable power distribution—potentially shutting down critical equipment at water or electrical facilities.
Who's at risk
Water authorities and electric utilities operating Dataprobe iBoot-PDU power distribution units should prioritize this. The vulnerability affects any facility using iBoot-PDU for remote outlet control on critical systems, backup power, or networked equipment racks.
How it could be exploited
An attacker on the network can send a specially crafted command to the iBoot-PDU (port 80/443 or SNMP) without authentication. The device processes the command due to missing input validation and insufficient access controls, allowing the attacker to run arbitrary code, access configuration files, or manipulate outlet power controls.
Prerequisites
- Network access to the iBoot-PDU (HTTP, HTTPS, or SNMP ports)
- No authentication required to exploit most vulnerabilities
- Device must be running firmware version prior to 1.43.03312023
- remotely exploitable
- no authentication required
- low complexity
- affects power distribution/availability
- high CVSS (9.8)
- allows command execution and credential theft
Exploitability
Moderate exploit probability (EPSS 2.6%)
Affected products (1)
Product | Affected Versions | Fix Status
iBoot-PDU FW: All | < 1.42.06162022 | 1.43.03312023
Remediation & Mitigation
Do now
- WORKAROUND: Disable SNMP service on the iBoot-PDU if not required for monitoring
- HARDENING: Place iBoot-PDU behind a firewall and restrict network access to only authorized management systems
- HARDENING: Isolate the iBoot-PDU from the business network; do not expose to the Internet
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update iBoot-PDU firmware to version 1.43.03312023 or later
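To find which units still need the update, the following added example (not part of the advisory and not Dataprobe tooling) triages an asset inventory against the fixed version 1.43.03312023. It assumes the third version field is a build date in MMDDYYYY form, which means it cannot be compared as a plain integer or string; the host names and inventory are constructed.

```python
import re
from datetime import date

FIXED = "1.43.03312023"  # fixed firmware version stated in the advisory

# Assumption: versions look like MAJOR.MINOR.MMDDYYYY (third field is a build date).
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d{2})(\d{2})(\d{4})$")


def parse_version(text):
    """Return a sortable (major, minor, build_date) tuple or raise ValueError."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    major, minor, month, day, year = (int(g) for g in m.groups())
    # date() itself raises ValueError for impossible dates such as month 13.
    return (major, minor, date(year, month, day))


def needs_update(version, fixed=FIXED):
    """True when the version sorts before the fixed release."""
    return parse_version(version) < parse_version(fixed)


def triage(inventory):
    """Map each host to 'update', 'ok', or 'unknown' (unparseable: check by hand)."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "update" if needs_update(version) else "ok"
        except ValueError:
            result[host] = "unknown"
    return result


# Constructed sample inventory (hypothetical host names and versions).
SAMPLE = {
    "pdu-rack-01": "1.42.06162022",
    "pdu-rack-02": "1.43.03312023",
    "pdu-rack-03": "1.43.12152022",  # 12152022 > 03312023 as integers, yet older
    "pdu-rack-04": "1.44.01102024",
    "pdu-rack-05": "",               # version not recorded
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Units reported as `unknown` should be treated as affected until their firmware version is confirmed on the device.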
CVEs (12)