Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ network protocol to update the device firmware without ever having to authenticate. If an attacker is able to create a custom firmware version that is accepted by the inverter, the inverter is compromised completely. This allows the attacker to do nearly anything: for example, giving access to the local OS, creating a botnet, using the inverters as a stepping stone into companies, etc. NOTE: the vendor reports that this attack has always been blocked by "a final integrity and compatibility check." Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SMA Solar Technology inverter 访问控制错误漏洞
Vulnerability Description
SMA Solar Technology inverter是德国SMA公司的一款光伏逆变器设备。 SMA Solar Technology inverter中存在访问控制错误漏洞。攻击者可利用该漏洞升级设备的固件。
CVSS Information
N/A
Vulnerability Type
N/A