Emerson Appleton UPSMON-PRO
All CISA Advisories
The Emerson Appleton UPSMON-PRO vulnerability, identified as CVE-2024-3871, is a stack-based buffer overflow that could allow remote attackers to execute arbitrary code with SYSTEM privileges. This critical vulnerability, with a CVSS v4 score of 9.3, affects versions 2.6 and prior of the product, which is now End of Life and unsupported, necessitating immediate action from users.
Impact: Affected products include Emerson Appleton UPSMON-PRO versions 2.6 and prior. The vulnerability could affect critical infrastructure sectors such as Critical Manufacturing, Healthcare, and Public Health worldwide.
Remediation: Users are recommended to replace the Appleton UPSMON-PRO product or apply the following mitigations: block UDP port 2601 at the firewall level for all installations, isolate UPS monitoring networks from general corporate networks, implement network-level packet filtering to reject oversized UDP packets to port 2601, and monitor for UPSMONProSer.exe service crashes. Long-term strategies include replacing UPSMON-PRO with an actively supported UPS monitoring solution and implementing defense-in-depth strategies for critical power infrastructure monitoring.