Certitude @ BSides Berlin: A Closer Look at UPS Vulnerabilities

On October 26, 2024, our colleague Wolfgang Ettlinger presented an eye-opening talk at BSides Berlin titled, “Can an Attacker with Full Control Over a UPS’s Firmware Blow Up Its Batteries?” This presentation tackled an often-overlooked dimension of cybersecurity: the intersection of firmware security and physical safety in critical infrastructure components.

UPS (Uninterruptible Power Supply) systems play a vital role in protecting essential equipment from power interruptions. However, Wolfgang’s talk revealed how these systems can become points of vulnerability if attackers gain control over their firmware. With this control, they could potentially manipulate charging parameters, overload batteries, and create dangerous overheating situations that could lead to physical damage – or even explosions.

We want to thank Sides Berlin for providing this valuable platform for exchange with the security community!