©2026 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.
SERVER-OTHER Schneider Electric APC UPS Online command injection attempt
This rule looks for Java RMI return data that contains identifiers associated with a remote invocation handler and unicast reference objects. Successful exploitation could allow an attacker to execute arbitrary commands on the UPS device.
This rule fires on attempts to exploit a command injection vulnerability in Schneider Electric APC UPS devices via Java RMI.
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE::ATT&CK Framework::Enterprise::Initial Access::Drive-by Compromise
Rule Categories::Server::Other
Vulnerability::Severity::Critical
Vulnerability::Severity::High
Insecure Deserialization
Insecure Deserialization relates to web application security. Applications turn an object into data through serialization; the reverse of that process, deserialization, can be vulnerable to attacks when the application trusts the data that is being deserialized. Serialized data is machine readable and not encrypted; serialized user-supplied data should not be trusted. Deserialization attacks can lead to remote code execution.
CVE-2023-29412 |
Loading description
|
©2026 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.