Deceptive Security Breach Poses Threat to Solar Panel Stations

Renewable energy stations, particularly in Japan, are facing potential disruption from hackers due to a vulnerability in Contec’s SolarView products.

SolarView products, developed by a Japanese company, allow for active monitoring of solar farms and have been widely installed in approximately 30,000 locations, according to company data.

This particular vulnerability, identified as CVE-2022-29303 since April, has been deemed “critical” with a score of 9.8 out of 10.

Exploiting Smart Solar Panel Modules

Exploiting this vulnerability forms part of Palo Alto Networks’ mission to spread a variant of the Mirai botnet, along with over 20 other exploits. The attacks have primarily targeted IoT devices, including TP-Link, Netgear, and Zyxel.

This situation raises concerns because the Mirai botnet, first discovered in 2016, continues to pose a significant threat. Coupled with the exponential increase in IoT devices, there is potential for widespread disruption.

Regarding the SolarView products specifically, the CVE description states, “SolarView Compact ver.6.00 was found to have a command injection vulnerability via conf_mail.php.”

VulnCheck reports that at least 600 SolarView systems are indexed on Shodan, an Internet-connected device search engine. While the number of devices still operating on the outdated 2019 firmware version 6.00 is unknown, a substantial number of solar panel operators could be at risk. VulnCheck also believes that the vulnerability has existed since version 4.00, and the most recent version available is 8.10.

Contec, the manufacturer of the SolarView series, has not released any information regarding this security concern. However, it is crucial to keep all Internet-connected devices, including SolarView systems, updated with the latest firmware as a general precautionary measure.

 

Reference

Denial of responsibility! TechCodex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
Denial of responsibility! TechCodex is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
DMCA compliant image

Leave a Comment