Primary

Context

Vertiv Liebert Products Authentication Bypass Vulnerability Allowing Webserver Access

Vulnerability

Patched

An authentication bypass vulnerability has been identified in certain Vertiv Liebert products, including the RDU101 and UNITY models. This vulnerability arises because the affected products do not adequately secure webserver functions, potentially allowing an attacker to bypass authentication. The issue is present in Liebert RDU101 versions through 1.9.0.0 and in Liebert UNITY versions through 8.4.1.0.

Impact

Exploitation of this vulnerability could lead to unauthorized access to webserver functions, allowing for potential authentication bypass. According to CISA, this vulnerability could also be exploited to cause a denial-of-service condition or achieve remote code execution on the affected device.

Remediation

Users are advised to update Liebert RDU101 to version 1.9.1.2_0000001 and Liebert UNITY to version 8.4.3.1_00160. For more information, contact Vertiv or visit the Vertiv Security Support Center.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vertiv Liebert Products Authentication Bypass Vulnerability Allowing Webserver Access

Vulnerability

Impact

Remediation

Affected Products

Vertiv Liebert RDU101

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating