
46 Critical Flaws in Solar Inverters Expose Power Grid to Cyberattacks

ThinkPentest - Blog 30032025


Researchers at Forescout's Vedere Labs have disclosed 46 vulnerabilities in solar inverters, and in the cloud portals and mobile apps that manage them, from Sungrow, Growatt and SMA. The set is collectively named SUN:DOWN. The flaws allow an attacker to execute arbitrary commands, take over user accounts and remotely control inverters; because a fleet of inverters switched on or off in unison changes how much power is fed into the grid, control of enough of them could destabilise an electrical grid.

Key vulnerabilities include:

SMA: An attacker can upload a malicious .aspx file to the sunnyportal.com web server. Because the server executes .aspx pages, this is remote code execution on the portal itself, from which the attacker can run arbitrary code and compromise every account and device the portal manages.

Growatt: Several API endpoints require no authentication. Anyone can enumerate valid usernames and then retrieve a user's plant list and the devices in it, which makes account takeover and device hijacking possible without ever logging in.

Sungrow: The Android application uses an insecure, hard-coded AES key and ignores certificate errors, so an adversary-in-the-middle can intercept and alter its traffic with the cloud. Separately, a hard-coded password in the WiNet WebUI lets an attacker decrypt every firmware update, exposing the device firmware to analysis and modification.
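The SMA finding above is an arbitrary file upload that reaches remote code execution. The page does not say which check sunnyportal.com got wrong, so what follows is an added, illustrative Python example, not SMA's code or the researchers' material: a naive extension blocklist of the kind that lets a .aspx file through, beside a hardened validator, exercised with constructed sample filenames. The portal's allowed file types, the script-extension set and the bypass strings are assumptions chosen to show the classic tricks (case, legacy IIS ';' truncation, trailing dots and spaces, null bytes).

```python
import os
import secrets
from pathlib import PurePosixPath, PureWindowsPath

# Content types this hypothetical portal will store, keyed by the extension
# it saves them under, with the magic bytes each must start with. (Assumed.)
ALLOWED_TYPES = {
    ".jpg": b"\xff\xd8\xff",
    ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
}

# Extensions an IIS/ASP.NET host hands to a script engine. Illustrative set;
# the real list is whatever handler mappings the server has configured.
SERVER_SIDE_SCRIPT = {".aspx", ".asp", ".ashx", ".asmx", ".asax", ".cshtml", ".config"}


def naive_upload_ok(filename: str) -> bool:
    """The classic broken check: a case-sensitive blocklist on the last
    extension only, applied to the client-supplied name as-is.
    Every entry in BYPASS_SAMPLES gets past it."""
    return os.path.splitext(filename)[1] not in SERVER_SIDE_SCRIPT


def harden_upload(filename: str, content: bytes) -> tuple[bool, str]:
    """Return (True, stored_name) or (False, reason).

    Defence in depth: keep only the final path component, neutralise the
    characters Windows/IIS silently strip or treat as path-info, allowlist
    every extension in the name (not just the last), confirm the bytes match
    the claimed type, and never store under the client-chosen name."""
    # Final component under both separator conventions, POSIX first so a
    # name like 'dir/..\\shell.aspx' cannot smuggle a separator through.
    base = PureWindowsPath(PurePosixPath(filename).name).name
    if "\x00" in base:
        return False, "null byte in name"
    # Legacy IIS treated 'a.aspx;b.jpg' as a.aspx; Windows drops trailing
    # dots and spaces when the file is created.
    base = base.split(";", 1)[0].rstrip(". ").lower()
    parts = base.split(".")
    if len(parts) < 2 or not parts[0]:
        return False, "no usable extension"
    bad = [p for p in parts[1:] if "." + p not in ALLOWED_TYPES]
    if bad:
        return False, f"extension not allowed: .{bad[0]}"
    ext = "." + parts[-1]
    if not content.startswith(ALLOWED_TYPES[ext]):
        return False, f"content does not look like {ext}"
    # Opaque server-chosen name (32 hex chars + extension). The caller should
    # also write it outside any directory the web server executes from.
    return True, secrets.token_hex(16) + ext


# Constructed attacker filenames; each defeats the naive check in a different way.
BYPASS_SAMPLES = [
    "shell.ASPX",          # blocklist compares the lower-case spelling only
    "shell.aspx;.jpg",     # legacy IIS ';' path-info truncation
    "shell.aspx.",         # Windows strips the trailing dot on save
    "shell.aspx ",         # ... and trailing spaces
    "shell.aspx\x00.jpg",  # null-byte truncation in older native code
]

# Constructed JPEG header (SOI marker + APP0) and a constructed ASP.NET page body.
JPEG_SAMPLE = b"\xff\xd8\xff\xe0" + b"\x00" * 12
ASPX_SAMPLE = b'<%@ Page Language="C#" %>'


def compare_checks() -> dict[str, tuple[bool, bool]]:
    """Run the samples through both checks.
    Returns {filename: (naive_accepts, hardened_accepts)}."""
    return {
        name: (naive_upload_ok(name), harden_upload(name, ASPX_SAMPLE)[0])
        for name in BYPASS_SAMPLES
    }


if __name__ == "__main__":
    for name, (naive, hardened) in compare_checks().items():
        print(f"{name!r:24} naive={naive!s:5} hardened={hardened}")
    print(harden_upload("..\\..\\inetpub\\photo.JPG", JPEG_SAMPLE))
```

The hardened path is deliberately strict: a name such as `report.2024.jpg` is rejected because `.2024` is not an allowed extension. That is the intended trade-off; a double-extension rule that only inspects the last component is exactly what the `;` and null-byte samples exploit.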

Chained together, these flaws could give an attacker control of a large number of inverters at once, which is the precondition for grid instability and, at scale, blackouts. All of the issues were reported to the vendors under responsible disclosure and have since been addressed. Note that the cloud-side fixes (the SMA portal and the Growatt API) take effect without owner action, whereas the Sungrow app and WiNet device fixes only help once operators install the updated app and firmware. The research is a reminder that operational technology in the energy sector needs the same secure-development and patching discipline as any other internet-facing system.