September 29, 2025

Solar grids could be hijacked and even potentially disabled by these security flaws

By Benedict Collins (benedict.collins@futurenet.com) | usagoldmines.com


  • Experts claim solar inverter vulnerabilities could lead to damage to the power grid
  • Devices could be taken over and switched off, increasing grid load
  • 46 vulnerabilities discovered, with some potentially exposing user information

Solar inverters could be hijacked by cybercriminals to disrupt power supplies and damage the electrical grid.

46 vulnerabilities were found by Forescout [PDF] in solar inverters produced by Sungrow, Growatt, and SMA.

Many of the vulnerabilities could lead to remote code execution (RCE), denial of service, device takeover, as well as access to cloud platforms and sensitive information.

Power grid hijacking

For SMA devices, only a single vulnerability was found, CVE-2025-0731, that allows an attacker to use a demo account to upload a .aspx (Active Server Page Extended) file instead of a photovoltaic (PV) system picture, with the file then being executed by the sunnyportal.com web server.
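A defensive sketch of the control this upload flaw bypasses, added here as an example; it is not code from SMA or from the Forescout report. The allowlist, the size limit and all function names are assumptions made for illustration.

```python
import os
import secrets

# Allowlisted image types: extension -> accepted leading signatures (assumed policy).
ALLOWED = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
MAX_BYTES = 5 * 1024 * 1024  # assumed size limit

class UploadRejected(ValueError):
    """Raised when an upload fails validation."""

def validate_picture_upload(client_filename: str, data: bytes) -> str:
    """Return a server-generated storage name, or raise UploadRejected."""
    if not data or len(data) > MAX_BYTES:
        raise UploadRejected("empty or oversized upload")
    # Drop path components, then reject names carrying more than one
    # extension (e.g. "x.aspx.png") instead of guessing which one counts.
    base = os.path.basename(client_filename.replace("\\", "/"))
    stem, ext = os.path.splitext(base.lower())
    if ext not in ALLOWED or "." in stem or not stem:
        raise UploadRejected(f"extension not allowed: {base!r}")
    # The content must begin with a signature of the claimed image type.
    if not data.startswith(ALLOWED[ext]):
        raise UploadRejected("content does not match claimed image type")
    # Random name plus allowlisted extension: the client's name never reaches
    # disk, so the stored file cannot end in a server-executable extension.
    return secrets.token_hex(16) + ext

# Constructed sample uploads (not taken from the advisory).
SAMPLES = [
    ("plant.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16),
    ("plant.aspx", b"plain text, not an image"),
    ("plant.aspx.png", b"\x89PNG\r\n\x1a\n"),
    ("plant.jpg", b"plain text, not an image"),
]

def is_accepted(name: str, data: bytes) -> bool:
    try:
        validate_picture_upload(name, data)
        return True
    except UploadRejected:
        return False

def check_samples():
    return [(name, is_accepted(name, data)) for name, data in SAMPLES]
```

A signature prefix check does not prove the file is a well-formed image, so re-encoding accepted images and serving uploads from a location where script execution is disabled remain complementary controls.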

As for Sungrow solar inverters, insecure direct object reference (IDOR) vulnerabilities tracked as CVE-2024-50685, CVE-2024-50686, and CVE-2024-50693 could allow an attacker to harvest communication dongle serial numbers.

CVE-2024-50692 allows an attacker to use hard-coded MQTT credentials to send arbitrary commands to an arbitrary inverter dongle, or commit man-in-the-middle (MitM) attacks against MQTT communications.

The attacker can also use one of several critical stack overflow vulnerabilities (CVE-2024-50694, CVE-2024-50695, CVE-2024-50698) to remotely execute code on server-connected dongles. By chaining these vulnerabilities, an attacker could potentially reduce power generation during peak times to increase the load on the grid.

Growatt inverters can be hijacked via the cloud backend by listing usernames from an exposed Growatt API, and then using these usernames for account takeover through two IDOR vulnerabilities.

All of the disclosed vulnerabilities have since been patched by the manufacturers.


This article is written by: Nermeen Nabil Khear Abdelmalak
