Ask Me About Webinar: Data Center Assets - Modeling, Cooling, and CFD Simulation Join our 30-minute expert session on July 10, 2025 (9:00 AM & 5:00 PM CET), to explore Digital Twins, cooling simulations, and IT infrastructure modeling. Learn how to boost resiliency and plan power capacity effectively.Register now to secure your spot!
TLStorm vulnerabilities
EcoStruxure IT security
The EcoStruxure IT platform is security hardened with a mandatory two-factor authentication and high encryption standards.
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send InviteCancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Based on the current information and analysis available, the EcoStruxure IT Gateway is not impacted by the TLStorm vulnerabilities.
CVE-2022-22806 and CVE-2022-22805
The IT Gateway uses a different TLS implementation than the affected UPSs. These vulnerabilities have not been discovered in that toolchain.
CVE-2022-0715
The EcoStruxure IT Gateway uses different authentication mechanisms and does not have user installable firmware like a UPS.
The IT Gateway does facilitate firmware updates to the NMC on the UPS, via the secure EcoStruxure IT Expert cloud application only, using officially released firmware packages. It does not have the ability to update the firmware on the UPS itself.
For the most accurate device analysis, be sure to keep your APC Network Management Card (NMC) firmware up to date and your Gateway updated to the latest version.