Finding and Exploiting Bugs in TLS Libraries Used by Smart UPS Devices

Explore the security vulnerabilities in "Smart" UPS devices through this conference talk. Delve into zero-click preauthentication vulnerabilities discovered in a prominent UPS vendor's products. Examine the physical threats associated with controlling battery-powered devices remotely. Learn about the potential risks of cloud-connected UPS systems and their impact on an organization's power infrastructure. Witness a demonstration of an attack that can cause physical damage to these devices. Gain insights from security researcher Yuval Sarel on hunting zero-days, reverse engineering, and developing innovative security solutions for IoT devices.

Finding And Exploiting Bugs In TLS Libraries Used By “Smart” UPS Devices by Yuval Sarel and Gal Levy