Sunbird DCIM dcTrack and Power IQ
Monitor | 6.7 | ICS-CERT ICSA-25-338-05 | Dec 4, 2025
Attack Vector: Local
Auth Required: High
Complexity: Low
User Interaction: None needed
Summary
Sunbird dcTrack and Power IQ contain credential-related vulnerabilities (CWE-288 improper authentication, CWE-798 hardcoded credentials) that could allow an attacker with local access or default credentials to gain unauthorized access to the systems. Affected versions: dcTrack ≤v9.2.0 and Power IQ ≤v9.2.0. No public exploitation has been reported.
What this means
What could happen
An attacker with local access or knowledge of default credentials could gain administrative access to your DCIM or Power IQ management system, allowing them to view sensitive infrastructure data, modify configurations, or disrupt monitoring and management of your power distribution and IT infrastructure.
Who's at risk
Energy sector organizations using Sunbird dcTrack (data center infrastructure management) or Power IQ (power and cooling management) should assess this risk. This affects any facility relying on these tools to monitor and manage power distribution, cooling systems, or IT infrastructure in data centers or critical infrastructure environments.
How it could be exploited
An attacker with local network access to the management interface could exploit hardcoded or weak credentials to authenticate to dcTrack or Power IQ. Alternatively, if default credentials have not been changed during deployment, an attacker with any network path to the management port could gain administrative access without additional authentication.
Prerequisites
- Local network access to the dcTrack or Power IQ management interface (typically SSH port 22 or web interface)
- Knowledge of hardcoded credentials, unchanged default credentials, or valid administrative credentials

Risk factors:
- no patch available for older versions
- hardcoded or default credentials
- high-privilege access if compromised
- affects infrastructure monitoring and management
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (2)
2 with fix
| Product | Affected Versions | Fix Status |
|---|---|---|
| DCIM dcTrack | ≤ v9.2.0 | 9.2.3 |
| Power IQ | ≤ v9.2.0 | 9.2.1 |
Remediation & Mitigation
Do now
- WORKAROUND: Change all SSH and management account passwords immediately during deployment or before placing systems in production
- WORKAROUND: Restrict SSH and non-essential port access using IP-based access control lists to allow only authorized management networks
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update dcTrack to version 9.2.3 or later during a scheduled maintenance window
- HOTFIX: Update Power IQ to version 9.2.1 or later during a scheduled maintenance window
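
To plan the maintenance window, an asset inventory can be triaged against the affected and fixed versions listed above. The following is an added example, not code from Sunbird or the advisory; the host names, the inventory layout and the status labels are assumptions made for illustration.

```python
import re

# Thresholds copied from the advisory's affected-products table.
ADVISORY = {
    "dctrack": {"affected_max": (9, 2, 0), "fixed_min": (9, 2, 3)},
    "poweriq": {"affected_max": (9, 2, 0), "fixed_min": (9, 2, 1)},
}

def parse_version(text):
    """'v9.2.0', '9.2', '9.2.3-45' -> (major, minor, patch); None if unparseable."""
    m = re.match(r"\s*v?(\d+)(?:\.(\d+))?(?:\.(\d+))?", text, re.IGNORECASE)
    if not m:
        return None
    return tuple(int(part) if part else 0 for part in m.groups())

def triage(product, version):
    """Classify one inventory entry against the advisory thresholds."""
    name = re.sub(r"[^a-z0-9]", "", product.lower())  # 'DCIM dcTrack' -> 'dcimdctrack'
    rule = next((r for key, r in ADVISORY.items() if key in name), None)
    if rule is None:
        return "not-covered"
    ver = parse_version(version)
    if ver is None:
        return "unknown-version"   # cannot rule the host out; verify by hand
    if ver <= rule["affected_max"]:
        return "affected"
    if ver >= rule["fixed_min"]:
        return "fixed"
    # Newer than the listed affected range but older than the fix release:
    # the advisory does not state its status, so schedule the update anyway.
    return "below-fix"

def triage_inventory(rows):
    """rows: iterable of (host, product, version) -> list of (host, status)."""
    return [(host, triage(product, version)) for host, product, version in rows]

# Constructed sample inventory (hypothetical hosts, not from the advisory).
SAMPLE = [
    ("dcim-01", "DCIM dcTrack", "v9.2.0"),
    ("dcim-02", "dcTrack", "9.2.2"),
    ("dcim-03", "dcTrack", "9.2.3"),
    ("piq-01", "Power IQ", "9.1.1"),
    ("piq-02", "PowerIQ", "v9.2.1"),
    ("piq-03", "Power IQ", "unknown"),
]

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE):
        print(f"{host}: {status}")
```

Hosts reported as `affected`, `below-fix` or `unknown-version` all belong on the update list; only `fixed` entries meet the versions the advisory names.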
Long-term hardening
- HARDENING: Segment DCIM and Power IQ systems behind firewalls, restricting access from business networks and the internet
- HARDENING: Require VPN for any remote access to management interfaces and keep VPN software updated to the latest version
CVEs (2)