<ciso brief/>
Tag Banner

All news with #sunbird tag

all tags →

Thu, December 4, 2025

Sunbird DCIM dcTrack and Power IQ: Critical Flaws (2025)

#Security Advisory #Patch #Hardcoded Secrets #Sunbird #Authentication Bypass

🔒 CISA warns of two critical vulnerabilities in Sunbird DCIM dcTrack and Power IQ appliances that could enable unauthorized access or credential theft. One is an authentication bypass via alternate remote-access channels (CVE-2025-66238); the other involves hard‑coded/default credentials (CVE-2025-66237) with a CVSS v4 high score of 8.4. Sunbird has released fixes (dcTrack 9.2.3, Power IQ 9.2.1); until systems are updated, CISA recommends restricting SSH and nonessential ports, changing deployment passwords, isolating control networks behind firewalls, and using secure VPNs for remote access.

read more →