Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, which a bad actor could exploit to seize control of devices or execute code remotely, posing serious risks to electrical grids.
The vulnerabilities have been collectively codenamed SUN:DOWN by Forescout Vedere Labs.
“The new vulnerabilities can be exploited to execute arbitrary commands on devices or the vendor’s cloud, take over accounts, gain a foothold in the vendor’s infrastructure, or take control of inverter owners’ devices,” the company said in a report shared with The Hacker News.
Some of the notable flaws identified are listed below –
- Attackers can upload .aspx files that will be executed by the web server of SMA (sunnyportal[.]com), resulting in remote code execution
- Unauthenticated attackers can perform username enumeration via the exposed “server.growatt.com/userceenter.do” endpoint
- Unauthenticated attackers can obtain the list of plants belonging to other users, as well as arbitrary devices, via the “server-api.growatt.com/newtwoeicapi.do” endpoint, resulting in device takeover
- Unauthenticated attackers can obtain the serial number of a smart meter using a valid username via the “server-api.growatt.com/newplantapi.do” endpoint, resulting in account takeover
- Unauthenticated attackers can obtain information about EV chargers, energy consumption information, and other sensitive data via the “evcharge.growatt.com/ocpp” endpoint, as well as remotely configure EV chargers and obtain information related to firmware, resulting in information disclosure and physical damage
- The Android application associated with Sungrow uses an insecure AES key to encrypt client data, opening the door to a scenario where an attacker can intercept communications between the mobile app and iSolarCloud
- The Android application associated with Sungrow explicitly ignores certificate errors and is vulnerable to adversary-in-the-middle attacks
- Sungrow’s WiNet WebUI contains a hard-coded password that can be used to decrypt all firmware updates
- Multiple vulnerabilities in Sungrow when handling MQTT messages that could result in remote code execution or a denial-of-service condition
“An attacker who gained control of a large fleet of Sungrow, Growatt, and SMA inverters using the newly discovered vulnerabilities could control enough power to cause instability in these power grids and other major ones,” Forescout said.
In a hypothetical attack scenario targeting Growatt inverters, a threat actor could guess real account usernames through an exposed API, hijack the accounts by resetting their passwords to the default “123456”, and perform follow-on exploitation.
To make matters worse, the hijacked fleet of inverters could then be controlled as a botnet to amplify the attack and inflict damage on the grid, leading to grid disruption and potential blackouts. All vendors have addressed the identified issues following responsible disclosure.
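The scenario above leaves a recognizable trail in a cloud portal's access log: one source looks up many distinct usernames, then resets the password of a name it just probed. The following detection sketch is an added example, not code from Forescout or any vendor; the log format, the two endpoint paths and the threshold are assumptions made for illustration.

```python
import re
from collections import defaultdict

LOOKUP_PATH = "/account/lookup"         # assumed user-lookup endpoint (hypothetical)
RESET_PATH = "/account/reset-password"  # assumed password-reset endpoint (hypothetical)
ENUM_THRESHOLD = 5                      # distinct usernames per source before alerting

# Assumed line format: "<time> <source IP> <method> <path> user=<name> <status>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+) "
    r"user=(?P<user>\S+) (?P<status>\d{3})$"
)

# Constructed sample log: one enumerating source, one ordinary user, one bad line.
SAMPLE_LOG = """\
2025-03-01T10:00:01Z 203.0.113.7 POST /account/lookup user=alice 200
2025-03-01T10:00:02Z 203.0.113.7 POST /account/lookup user=bob 404
2025-03-01T10:00:03Z 203.0.113.7 POST /account/lookup user=carol 200
2025-03-01T10:00:04Z 203.0.113.7 POST /account/lookup user=dave 404
2025-03-01T10:00:05Z 203.0.113.7 POST /account/lookup user=erin 404
2025-03-01T10:00:06Z 203.0.113.7 POST /account/lookup user=frank 404
2025-03-01T10:02:00Z 198.51.100.20 POST /account/lookup user=gina 200
2025-03-01T10:02:30Z 198.51.100.20 POST /account/reset-password user=gina 200
truncated line without the expected fields
2025-03-01T10:05:00Z 203.0.113.7 POST /account/reset-password user=carol 200
"""

def detect(log_text, threshold=ENUM_THRESHOLD):
    """Return {source_ip: details} for sources that enumerate usernames."""
    probed = defaultdict(set)  # ip -> usernames it looked up
    resets = defaultdict(set)  # ip -> usernames it reset after probing them
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore malformed lines rather than failing the whole run
        ip, path, user = m["ip"], m["path"], m["user"]
        if path == LOOKUP_PATH:
            probed[ip].add(user)
        elif path == RESET_PATH and user in probed[ip]:
            resets[ip].add(user)
    return {
        ip: {"distinct_usernames": len(users), "resets_after_probe": sorted(resets[ip])}
        for ip, users in probed.items()
        if len(users) >= threshold
    }

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

Counting distinct usernames rather than raw requests keeps a single user who retries their own lookup and reset below the threshold.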
“As attackers can control entire fleets of devices with an impact on energy production, they can change their settings to send more or less energy to the grid at certain times,” Forescout said, adding that the newly discovered flaws risk exposing the grid to cyber-physical ransomware attacks.
Daniel dos Santos, head of research at Forescout Vedere Labs, said that mitigating the risks requires enforcing strict security requirements when procuring solar equipment, conducting regular risk assessments, and ensuring full network visibility into these devices.
The disclosure comes as serious security flaws have been discovered in production line monitoring cameras made by the Japanese company Inaba Denki Sangyo, which could be exploited for remote surveillance and to prevent the recording of production stoppages.
The vulnerabilities remain unpatched, but the vendor has urged customers to restrict internet access and to ensure that such devices are installed in a secure, restricted area that is accessible only to authorized personnel.
“These flaws enable various attacks, allowing an unauthenticated attacker to remotely and secretly access live footage for surveillance, or disrupt the recording of production line stoppages, preventing the capture of critical moments,” Nozomi Networks said.
In recent months, the operational technology (OT) security company has also detailed multiple security defects in the GE Vernova N60 Network Relay, Zettler 130.8005 industrial gateway, and Wago 750-8216/025-001 programmable logic controller (PLC), which an attacker could weaponize to take full control of the devices.