Experts Discover Flaws in Solarman and Deye Solar Systems


Cybersecurity researchers have discovered numerous security vulnerabilities in the photovoltaic (PV) system management platforms operated by the Chinese companies Solarman and Deye. The flaws could allow hostile actors to interrupt operations and cause blackouts.

In a report released last week, Bitdefender researchers stated that “if exploited, these vulnerabilities could allow an attacker to control inverter settings that could take parts of the grid down, potentially causing blackouts.”

As of July 2024, Solarman and Deye have fixed the vulnerabilities, which were responsibly disclosed on May 22, 2024.

According to the Romanian cybersecurity company that examined them, the two PV monitoring and management platforms have several problems that could lead to, among other things, account takeover and information leakage.

Here is a summary of the issues:

Full account takeover via token manipulation using the /oauth2-s/oauth/token API endpoint

Reuse of Deye Cloud tokens

Information leak via the /group-s/acc/orgs API endpoint

Hard-coded account with unrestricted device access (account “[email protected]”, password 123456)

Information leak via the /user-s/acc/orgs API endpoint

Possible unauthorized generation of authentication tokens

If the aforementioned vulnerabilities are successfully exploited, attackers may be able to take control of any Solarman account, obtain confidential information about all registered organizations, and repurpose JSON Web Tokens (JWTs) from Deye Cloud to access Solarman accounts without authorization.

Attackers might also seriously jeopardize the platforms’ integrity and confidentiality by gaining access to private registered user data and information on any Deye device, and even by creating authentication tokens for any user.
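The token-reuse item above is the one most readily illustrated in code. The following Python sketch is an added example, not code from Bitdefender, Solarman or Deye, and not an account of how either vendor fixed the issue: it shows the server-side check that defeats this class of problem, accepting a JWT only when its signature verifies under this platform's key and its issuer and audience claims name this platform. The signing key, claim values and platform names are constructed assumptions; a token from another cloud is then rejected even if it was signed with a key this platform trusts.

```python
# Added example: minimal HS256 JWT verification bound to one platform.
# Key, claim names/values and platform names are assumptions for
# illustration; the page does not describe the real token format.
import base64
import hashlib
import hmac
import json
import time
from typing import Optional


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    # JWTs strip base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, key: bytes) -> str:
    """Issue an HS256 JWT (assumed format; used only to build sample inputs)."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(sig)}"


def verify_for_platform(token: str, key: bytes, expected_iss: str,
                        expected_aud: str, now: Optional[float] = None) -> dict:
    """Return the claims if the token is valid for THIS platform, else raise.

    Signature, issuer, audience and expiry are all checked. The issuer and
    audience comparisons are what stop a token minted for another service
    from being accepted here, even when its signature is valid.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, body_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")  # do not honour alg=none or swapped algorithms
    expected_sig = hmac.new(key, f"{header_b64}.{body_b64}".encode(),
                            hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(body_b64))
    if claims.get("iss") != expected_iss:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    aud_ok = expected_aud in aud if isinstance(aud, list) else aud == expected_aud
    if not aud_ok:
        raise ValueError("wrong audience")
    now = time.time() if now is None else now
    if not isinstance(claims.get("exp"), (int, float)) or now >= claims["exp"]:
        raise ValueError("expired")
    return claims


def check(token: str, key: bytes, iss: str, aud: str, now: float) -> str:
    """Human-readable verdict, convenient for logging and for the demo below."""
    try:
        verify_for_platform(token, key, iss, aud, now=now)
        return "accepted"
    except ValueError as exc:
        return f"rejected: {exc}"


def token_reuse_demo() -> dict:
    """Constructed scenario: both clouds sign with the same key (an assumption
    chosen to show that a signature check alone does not prevent reuse)."""
    shared_key = b"constructed-demo-key"  # constructed; never hard-code real keys
    now = 1_700_000_000
    solar_token = mint_token({"iss": "solarman-cloud", "aud": "solarman-api",
                              "sub": "user-1", "exp": now + 3600}, shared_key)
    deye_token = mint_token({"iss": "deye-cloud", "aud": "deye-api",
                             "sub": "user-1", "exp": now + 3600}, shared_key)
    # The Solarman side verifies both tokens against its own issuer/audience.
    return {
        "solarman_token": check(solar_token, shared_key, "solarman-cloud", "solarman-api", now),
        "deye_token": check(deye_token, shared_key, "solarman-cloud", "solarman-api", now),
    }


if __name__ == "__main__":
    print(token_reuse_demo())
```

The same `check` function also rejects a token presented with the wrong key, the wrong audience, or past its expiry, so the verdict string doubles as a detection signal worth logging: a burst of "wrong issuer" rejections on one platform is exactly the pattern a cross-platform token-reuse attempt would produce.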

“Attackers can take over accounts and control solar inverters, disrupting power generation and potentially causing voltage fluctuations,” according to the study.

“Confidential data about individuals and institutions may be exposed, which may result in breaches of privacy, data collection, focused phishing scams, or other malevolent actions. Attackers can affect grid stability and possibly trigger blackouts by gaining access to and altering settings on solar inverters, which can result in significant power distribution problems.”
