Hi Felix,
A new version of firmware for impacted devices will be released shortly, this will address the Ripple20 issues. The first devices to get the update will be the with the NMC2 for Smart-UPS, followed by the rPDUg2 range.
In terms of mitigation the advice is as always to follow best practice when securing your critical power infrastructure. We recommend separation of infrastructure assets from the main IT networks through the use of separate switches, VLANs or using the private network on the DCE server. Customers should be using up to date firewalls with intrusion prevention scanning all traffic between the IT and infrastructure networks where NMCs are located. Access to these networks should only be provided to trusted personal.
It might be a good idea to keep an eye on the following link for updates:
https://www.apc.com/ie/en/faqs/FA410359/
Also note that DCE, DCO and most Botz are not impacted with the 250 being the main exception.
-Gavan
