Firmware in Powertek data centre smart power distribution units (PDUs) needs to be patched to avoid multiple critical vulnerabilities, a researcher has found.
A Polish security researcher who goes by the moniker Gynvael Coldwind and who works for Google as a software and security engineer checked the Powertek PDU firmware in March this year, and found multiple bugs.
The two most serious ones are rated 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS), and comprise an authorisation bypass and an authenticated session token leak respectively.
Other, less serious vulnerabilities found in Powertek PDU firmware version 3.30.23 include a buffer overflow and a weak default login password that is stored in plain text, the researcher said.
Powertek PDUs are sold both as OEM and rebranded by resellers in the different countries they're available in.
The company patched the vulnerabilities a month ago, but the security researcher said the fixed firmware is difficult to obtain: "... for reasons which I don't fully understand Powertek decided to NOT distribute the new version of firmware publicly on their website, as is the standard way to do it," he said.
Powertek instead sent patches to resellers for distribution to customers.
Resellers were not allowed to publish the patches either, the researcher said, meaning those who bought a Powertek PDU second hand would have to contact the company directly, or their local distributor, to obtain them.
The researcher reported the vulnerabilities to Powertek in February this year, and says he received legal threats from the PDU maker after he published his blog post, although the company has since changed tack and expressed an interest in improving its security process.
As has become an infosec researcher habit, the vulnerabilities have been given a name, "Screams of Power", created by a heavy metal band name generator, the researcher said.