CVE-2024-33625

9.8 CRITICAL

📋 TL;DR

CyberPower PowerPanel Business ships with a hard-coded JWT signing key. Because the key is the same in every installation and can be recovered from the application itself, an attacker can mint tokens the application accepts as genuine, bypassing authentication entirely and reaching the power management functions without any credentials. This affects organizations that run PowerPanel Business to manage their CyberPower power equipment.

💻 Affected Systems

Products:
  • CyberPower PowerPanel Business
Versions: All versions prior to patched release
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects PowerPanel Business edition for Windows; other editions may have different implementations.

📦 What is this software?

CyberPower PowerPanel Business is CyberPower's management software for its UPS and power equipment. The affected edition runs on Windows and exposes a web management interface that authenticates users with JWTs, which is where the hard-coded signing key matters.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker holding a forged administrator token controls everything the interface exposes: shutting down protected loads, changing UPS and alert configuration, or otherwise manipulating power settings, with the potential to take down equipment behind the UPS and disrupt critical infrastructure.

🟠

Likely Case

Unauthenticated access to the power management interface, allowing an attacker to read system and device information, modify configuration, or disrupt power operations.

🟢

If Mitigated

Limited impact if systems are isolated from untrusted networks and an additional authentication layer sits in front of the interface (the application's own login offers no protection, since a forged token skips it). The vulnerability itself remains present until patched.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires the hard-coded key and knowledge of the token's claim layout. Since the key is a constant shipped inside every copy of the application, anyone who can obtain the installer can extract it, and tooling for minting and signing JWTs is freely available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific version

Vendor Advisory: https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads

Restart Required: Yes

Instructions:

1. Download the latest version from the CyberPower website.
2. Install the update following vendor instructions.
3. Restart the system and verify the new version is running.

🔧 Temporary Workarounds

Network Isolation

Applies to: all

Restrict network access to PowerPanel Business systems to trusted internal networks only

Additional Authentication Layer

Applies to: all

Place a VPN or an MFA-enforcing reverse proxy in front of the PowerPanel interface. The extra factor must be enforced before a request reaches the application, because a forged JWT bypasses the application's own login.

🧯 If You Can't Patch

  • Isolate affected systems from untrusted networks using firewalls or network segmentation
  • Monitor authentication and access logs for successful API access that is not preceded by a login event for that account, and for other signs of forged tokens

🔍 How to Verify

Check if Vulnerable:

Compare the installed application version against the vendor advisory; any version older than the patched release is vulnerable

Check Version:

Check PowerPanel Business application 'About' section or installed programs list

Verify Fix Applied:

Confirm the application version matches the patched version from the vendor advisory, then confirm the application rejects tokens with a bad signature. A token signed with the old hard-coded key must be refused after the fix; if it is still accepted, the signing key has not been rotated.

📡 Detection & Monitoring

Log Indicators:

  • Successful API access with no preceding login event for that account (a forged token never passes through the login flow, so it produces no failed attempts)
  • JWT tokens whose signature validates under the known hard-coded key, or whose iat/exp claims do not match the application's issuance policy
  • Access from unexpected IP addresses

Network Indicators:

  • Authenticated requests to the interface that were not preceded by a login exchange from the same client
  • Requests carrying JWTs with a manipulated header (for example an unexpected alg value) or tokens for accounts that never logged in

SIEM Query:

source="powerpanel" AND (event_type="authentication" AND result="success") AND NOT (user IN allowed_users)

Field names above are illustrative; map source, event_type, result and user to the fields your PowerPanel log source actually emits.
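The following example, added here and not taken from the CyberPower product or any vendor material, shows the mechanism behind the Exploit Status note above, the post-patch check under How to Verify, and the "token validates under the leaked key" detection indicator in this section. The constant HARDCODED_KEY is a placeholder standing in for a key baked into an application binary; the real PowerPanel key is not reproduced. Everything else (claim names, the per-installation key generation in the hardened verifier, the constructed sample tokens) is assumed for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

# Placeholder for a signing key compiled into the application (assumption; the
# real key is deliberately not reproduced). Any constant shipped in the binary
# has the same effect: every installation shares it and anyone with a copy of
# the software can recover it.
HARDCODED_KEY = b"example-hardcoded-signing-key"


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_jwt(claims: dict, key: bytes) -> str:
    """Produce an HS256 JWT. Whoever holds `key` can do this, which is the whole
    problem when `key` is a constant shipped inside the application."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    body = b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url(sig)}"


def verify_jwt(token: str, key: bytes, now: Optional[int] = None) -> Optional[dict]:
    """Return the claims if `token` carries a valid HS256 signature under `key`
    and has not expired, else None. The algorithm is pinned to HS256 so a
    client cannot downgrade to 'none' or swap algorithms."""
    try:
        h, b, s = token.split(".")
        if json.loads(b64url_decode(h)).get("alg") != "HS256":
            return None
        expected = hmac.new(key, f"{h}.{b}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(s)):
            return None
        claims = json.loads(b64url_decode(b))
        if claims.get("exp", 0) <= (now if now is not None else int(time.time())):
            return None
        return claims
    except (ValueError, json.JSONDecodeError):
        return None


def forge_admin_token(key: bytes, now: int) -> str:
    """What an attacker does once the constant key is recovered from the binary:
    mint an administrator token without ever authenticating."""
    return sign_jwt({"sub": "admin", "role": "admin", "iat": now, "exp": now + 3600}, key)


class TokenVerifier:
    """Server-side verifier. The vulnerable configuration uses the shipped constant;
    the hardened one generates a per-installation secret at first start
    (assumption: kept outside the binary, e.g. in a protected config file)."""

    def __init__(self, key: bytes):
        self.key = key

    @classmethod
    def hardened(cls) -> "TokenVerifier":
        return cls(secrets.token_bytes(32))

    def accept(self, token: str, now: int) -> bool:
        return verify_jwt(token, self.key, now) is not None


def find_forged(tokens: list, leaked_key: bytes, now: int) -> list:
    """Detection after the key has been rotated: any presented token that still
    verifies under the old hard-coded key was signed by someone holding it
    (forged, or a pre-rotation token being replayed). Returns their claims."""
    return [c for t in tokens if (c := verify_jwt(t, leaked_key, now)) is not None]


def demo() -> dict:
    now = 1_700_000_000
    forged = forge_admin_token(HARDCODED_KEY, now)
    vulnerable = TokenVerifier(HARDCODED_KEY)
    hardened = TokenVerifier.hardened()
    legit = sign_jwt({"sub": "operator", "role": "user", "iat": now, "exp": now + 3600}, hardened.key)
    observed = [forged, legit, "not.a.jwt"]  # constructed sample of tokens seen in requests
    return {
        "vulnerable_accepts_forged": vulnerable.accept(forged, now),
        "hardened_accepts_forged": hardened.accept(forged, now),
        "hardened_accepts_legit": hardened.accept(legit, now),
        "flagged_subjects": [c["sub"] for c in find_forged(observed, HARDCODED_KEY, now)],
    }


if __name__ == "__main__":
    print(demo())
```

The demo shows the three points in one run: the verifier built on the shipped constant accepts a token minted by the attacker, a verifier with a per-installation random key rejects that same token while still accepting tokens it issued itself, and scanning presented tokens against the leaked key flags the forged one for alerting. The hardened verifier is one reasonable design, not a description of how the vendor's fix is implemented.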
