PT-2023-2350 · Schneider Electric · Apc Easy Ups Online Monitoring+1

Published: 2023-04-11 · Updated: 2024-06-12 · CVE-2023-29412

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

APC Easy UPS Online Monitoring Software versions (affected versions not specified)
Schneider Electric APC Easy UPS Online (affected versions not specified)

Description

A vulnerability exists due to improper neutralization of special elements used in an OS command, which could cause remote code execution when manipulating internal methods through the Java RMI interface. This issue may allow a remote attacker to execute arbitrary code.

Recommendations

For APC Easy UPS Online Monitoring Software, restrict access to the Java RMI interface until a patch is available. For Schneider Electric APC Easy UPS Online, avoid using the getMacAddressByIP function until the issue is resolved. As a temporary workaround, consider disabling the Java RMI interface to minimize the risk of exploitation.

Fix

OS Command Injection


Weakness Enumeration

Related Identifiers

BDU:2023-02117
CVE-2023-29412
ZDI-23-445

Affected Products

Apc Easy Ups On-Line
Apc Easy Ups Online Monitoring