Summary: Researchers at Forescout have identified over 90 vulnerabilities within solar power products from leading vendors like Sungrow, Growatt, and SMA, highlighting serious risks to electrical grids. Newly discovered vulnerabilities could allow attackers to hijack inverters and execute arbitrary code, potentially disrupting power supply and compromising user data. The affected vendors have been notified, with some vulnerabilities already patched, while others remain unaddressed.
Affected: Sungrow, Growatt, SMA
Keypoints :
- Forescout cataloged 90+ vulnerabilities in solar power products, particularly from Sungrow, Growatt, and SMA.
- Critical weaknesses in Growatt products included 30 vulnerabilities prompting XSS attacks, while Sungrow products revealed DoS and remote code execution vulnerabilities.
- Recommendations for securing solar systems include updating software, changing default passwords, and segmenting networks to monitor for malicious activities.
Source: https://www.securityweek.com/more-solar-system-vulnerabilities-expose-power-grids-to-hacking/