Multiple Vulnerabilities Discovered in Vertiv Products

Severity: High (Score: 70.5)

Sources: claroty.com

Published: 2026-06-11 · Updated: 2026-06-11

Keywords: vertiv, affected, products, vulnerability, attacker, recommends, users

Severity indicators: vulnerability, CVE:CVE-2025-41426, CVE:CVE-2025-41426

Summary

Two critical vulnerabilities have been identified in Vertiv products, CVE-2025-41426 and CVE-2025-46412, both published on 2025-05-21. CVE-2025-41426 involves a stack-based buffer overflow that could allow attackers to execute code on affected devices. CVE-2025-46412 allows attackers to bypass authentication due to improper protection of webserver functions. The affected products include Liebert RDU101 and Liebert UNITY. Vertiv has recommended immediate action for users to mitigate these vulnerabilities. Team82, the reporting entity, emphasizes its commitment to coordinated disclosure to enhance cybersecurity. The vulnerabilities pose significant risks to users who have not yet applied the recommended mitigations.

Key Points:

  • CVE-2025-41426 involves a stack-based buffer overflow allowing code execution.
  • CVE-2025-46412 permits attackers to bypass authentication on webserver functions.
  • Both vulnerabilities affect Vertiv's Liebert RDU101 and Liebert UNITY products.

Detailed Analysis

**Impact** Vertiv products, specifically the Liebert RDU101 and Liebert UNITY, are affected by two vulnerabilities that could lead to unauthorized code execution and authentication bypass. These vulnerabilities potentially impact organizations using these devices globally, particularly in sectors relying on critical infrastructure and data center operations. The scope includes operational disruptions and exposure of sensitive management interfaces, though no specific data breach or geographic distribution details are provided.

**Technical Details** CVE-2025-41426 is a stack-based buffer overflow vulnerability allowing remote code execution on affected devices. CVE-2025-46412 involves improper protection of webserver functions, enabling attackers to bypass authentication controls. Both vulnerabilities affect Vertiv’s Liebert RDU101 and Liebert UNITY products. No malware, tools, or IOCs are mentioned, and the attack vectors involve exploitation of device firmware and webserver authentication mechanisms during the initial access and execution phases of the kill chain.

**Recommended Response** Users should apply any available patches or updates from Vertiv addressing these CVEs on Liebert RDU101 and Liebert UNITY devices as a priority. Network defenders should monitor for unusual authentication attempts and signs of code execution on these devices. Hardening webserver configurations and restricting access to management interfaces are advised. No specific indicators of compromise or detection signatures are provided in the articles.

Source articles (2)

  • CVE-2025-46412 — claroty.com · 2026-06-11
    Affected Vertiv products do not properly protect webserver functions that could allow an attacker to bypass authentication. Vertiv recommends users take the following actions: Liebert RDU101, Liebert…
  • CVE-2025-41426 — claroty.com · 2026-06-11
    Affected Vertiv products contain a stack based buffer overflow vulnerability. An attacker could exploit this vulnerability to gain code execution on the device. Vertiv recommends users take the follow…

Timeline

  • 2025-05-21 — CVE-2025-41426 published: A stack-based buffer overflow vulnerability in Vertiv products was disclosed, allowing potential code execution.
  • 2025-05-21 — CVE-2025-46412 published: A vulnerability allowing authentication bypass in Vertiv webserver functions was disclosed.
  • 2026-06-11 — Vertiv recommends user actions: Vertiv advised users of affected products to take immediate actions to mitigate the vulnerabilities.

CVEs

  • CVE-2025-41426
  • CVE-2025-46412

Related entities

  • Zero-day Exploit (Attack Type)
  • Team82 (Company)
  • Vertiv (Company)
  • CWE-120 - Classic Buffer Overflow (CWE)
  • CWE-287 - Improper Authentication (CWE)
  • Liebert RDU101 (Platform)
  • Liebert UNITY (Platform)