Security6.07.2023

Security flaw threatens hundreds of solar power stations

An actively-exploited security vulnerability in a device that monitors solar performance metrics has put hundreds of solar power stations at risk of attack, Ars Technica reports.

The device in question is developed by Japanese company Contec and sold under the SolarView brand.

Under normal operation, it allows legitimate users to track the amount of power solar facilities generate, store, and distribute.

According to Contec’s website, the devices have been rolled out to roughly 30,000 small to medium-sized power stations.

Cybersecurity firm VulnCheck has discovered that 600 of the devices are reachable on the open Internet.

While that on its own is already a problem, over two-thirds of the reachable devices have also not been patched for a severe CVE with a 9.8 out of 10 rating.

CVE is an acronym for Common Vulnerabilities and Exposures — a database of publicly-known information security vulnerabilities aimed at helping system designers and developers mitigate them.

Ars Technica reported that the flaw allowed potentially malicious elements to be entered into user-supplied input, which could allow for remote attacks.

Attackers would theoretically be able to cut or reduce operators’ visibility into their operations, putting the plants in critical danger.

Palo Alto Networks recently confirmed that the CVE in question was being actively exploited by a bad actor using the open-source botnet Mirai, which leverages a network of routers and Internet of Things devices.

VulnCheck researcher Jacob Baines said that the same devices vulnerable to the security flaw were also susceptible to a newer command-injection vulnerability with a severity rating of 9.8.

Although there are no known instances of this vulnerability being exploited in the wild, the exploit code has been on GitHub since February 2023.


Now read: Spyware app gets hacked

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter