TLStorm 2.0 Critical bugs in widely-used Aruba, Avaya network switches

TLStorm is a set of three major vulnerabilities in APC Smart-UPS systems that allow an attacker to take control of them via the internet without requiring any user involvement, culminating in the UPS overflowing and killing itself in a cloud of smoke.

The primary source of these flaws was Mocana’s exploitation of NanoSSL, a popular TLS package. Their researchers discovered dozens of devices that used the Mocana NanoSSL library using the Armis knowledgebase. Not only APC Smart-UPS devices, but also two popular network switch vendors are vulnerable by a similar implementation problem in the library, according to the research. While the functions and levels of trust inside the network differ across UPS units and network switches, the underlying TLS implementation flaws might have disastrous implications. Read More…