With the recent announcement of the Log4j2 vulnerability, CyberPower has done an evaluation of our products to ensure there are no risks for our customers. Here are the details from the assessment.
PowerPanel Business 4 software is the only CyberPower product that uses Log4j. NOTE: PowerPanel Personal, PowerPanel Cloud, Power Device Network Utility, and the RMCARD205/PDU firmware do not use Log4j.
PowerPanel Business 4 software does not use any of the vulnerable versions of Log4j2 and there are no known threats with the version of Log4j being used.
All CyberPower software and firmware is scanned with Nessus Vulnerability Scanner, an industry standard vulnerability scanner, to ensure our products are secure. PowerPanel Business 4 has been verified with the latest version of Nessus to be clear of any vulnerabilities.
If there are any questions regarding this Technical Notice for CyberPower products, please contact CyberPower directly at firstname.lastname@example.org or 877-297-6937.
Cyber Power Systems (USA), Inc.