Vutility Inc. — D4:63:52 (MA-L)

The OUI prefix D4:63:52 is a single MA-L block registered to Vutility Inc., a Sandy, Utah commercial-IoT vendor founded in 2015 that builds self-powered energy sub-metering sensors. The registry address (126 W Sego Lily Ste 150, Sandy, UT 84070, US) matches the company's published headquarters, and the block appears only in the MA-L registry — not in the MA-M or MA-S files — so it covers the full 24-bit OUI. What makes this prefix unusual on a network scan is the hardware behind it: Vutility's HotDrop (a clip-on, battery-free current sensor for conductors up to 600 V AC across a 300 A–4000 A range), VoltDrop (active energy, voltage, and power-factor monitor), and PulseDrop (gas/water/electric pulse counter) are all LoRaWAN 1.0.2 Class-A nodes. They communicate over 868 MHz, 915 MHz, and AS923 sub-GHz bands — not Wi-Fi or Bluetooth — so a D4:63:52 MAC implies a LoRaWAN gateway shares the segment, not a consumer device on the 2.4 GHz band. These are legitimate in OT and building-automation contexts (offices, industrial sites, cell towers, campgrounds) and would be unexpected on a pure enterprise IT LAN. On security: Vutility documents dual-cipher AES-128 at the LoRaWAN layer plus an application-layer pass, ISO/ISAE-certified cloud, and JWT-authenticated API access. No Vutility-specific CVEs surfaced; the relevant threat class is general LoRaWAN-stack vulnerabilities (the Tencent Blade "LoRaDawn" series, CVE-2020-11068, CVE-2020-4060), which apply at the protocol level rather than to Vutility hardware specifically. As with all OUI work, no IEEE assignment date is published — third-party "date registered" fields are database artifacts, not IEEE facts.

IEEE assignment

D4:63:52 → Vutility Inc., registered Sandy, UT, US [Confirmed] — enrichment/registries/oui.csv (MA-L) + maclookup.app (two angles agree)

Registry / block size

MA-L (24-bit OUI); 1 block; not present in MA-M (mam.csv) or MA-S (oui36.csv) [Confirmed] — enrichment/registries oui.csv/mam.csv/oui36.csv. NOTE: IEEE publishes NO assignment/registration date; any third-party "date registered" is a database artifact, not an IEEE fact.

Company / org name

Vutility Inc. [Confirmed] — IEEE MA-L registry + maclookup.app

HQ / registered address

126 W Sego Lily Ste 150, Sandy, UT 84070, US (registry address = published HQ) [Confirmed] — IEEE MA-L registry; vutility.com

Country

US [Confirmed] — IEEE MA-L registry

Company status

active; founded 2015; HQ Sandy, Utah. Won Frost & Sullivan 2021 Customer Value Leadership Award (North American IoT Energy Monitoring for Building Management). [Confirmed] — prnewswire.com, techbuzznews.com

Website

https://vutility.com [Confirmed] — vutility.com

Device types

IoT sub-metering sensors — HotDrop (self-powered clip-on current sensor, 600 V AC, 300 A–4000 A), VoltDrop (active energy / voltage / power factor / amperage), PulseDrop (gas/water/electric pulse counter). All LoRaWAN 1.0.2 Class-A nodes; D4:63:52 expected on HotDrop, VoltDrop, PulseDrop. [Confirmed] — vutility.com/products/hotdrop, lora-alliance.org marketplace listing

Notable products

HotDrop, HotDrop Direct (customer-managed LoRa variant), VoltDrop Direct, PulseDrop; 4,500+ sensors deployed as of 2022–2023. [Confirmed] — vutility.com, mydevices.com product listings

Industry

commercial/industrial IoT energy sub-metering and building management (B2B); partners include Engie, Chevron, Constellation (Exelon), MachineQ, Logical Buildings. [Confirmed] — prnewswire.com

Wireless protocol

LoRaWAN 1.0.2, bands 868 MHz SRD / 915 MHz ISM / AS923; Class-A battery-free nodes. NOT Wi-Fi or Bluetooth — will not appear on a 2.4 GHz Wi-Fi scan. [Confirmed] — HotDrop marketing sheet (PDF), vutility.com/products/hotdrop

Security context

dual-cipher AES-128 at the LoRaWAN layer (NwkSKey + AppSKey per LoRaWAN 1.0.2) plus an application-layer encryption pass ("dual-cypher" per FAQ); ISO/ISAE-certified cloud; JWT bearer-token API auth; AppKey/AppEUI managed by Vutility support, not in device docs. No device-specific CVEs found. Class-level LoRaWAN risks (LoRaDawn series, CVE-2020-11068, CVE-2020-4060) apply at the protocol layer, not to Vutility hardware specifically. [Confirmed] — vutility.com/support/faq, blade.tencent.com LoRaDawn advisory

IEEE assignment date

Unknown — IEEE does not publish OUI assignment dates; third-party "date registered" fields are database artifacts. Stays null. [Confirmed]

Analyst note

A D4:63:52 OUI indicates a Vutility LoRaWAN sub-metering sensor (HotDrop/VoltDrop/PulseDrop). These are commercial-grade IoT devices for real-time energy monitoring; they do NOT use Wi-Fi, so seeing them on a MAC scan implies a LoRaWAN gateway on the segment. Legitimate in OT/building-automation; unexpected on a pure enterprise IT LAN. No Vutility-specific CVEs; LoRaWAN-stack vulnerabilities (LoRaDawn) are the relevant threat class. [Confirmed] — vutility.com, blade.tencent.com