
Researchers at cybersecurity firm Forescout have found dozens of vulnerabilities across solar power system products from Sungrow, Growatt and SMA, including flaws that can pose a serious threat to electrical grids.
Solar power has become increasingly important, particularly in the United States and Europe. However, these systems are often plagued by vulnerabilities that expose them to hacker attacks. Forescout has cataloged more than 90 vulnerabilities found over the past years in such products, and the company’s researchers recently identified 46 other flaws.
The security firm has analyzed products from the ten biggest solar power system vendors and found serious vulnerabilities in products from Sungrow, Growatt and SMA.
The main components of a solar plant are the solar panels, which generate DC power, and the inverters, which convert the DC power to AC power, enabling the harvested electricity to be fed into a commercial grid or used locally.
In addition, modern solar plants have several cyber components, including a communication component that connects the system to the internet, a cloud service where data is sent for monitoring and control, and a mobile application that enables the user to interact with the cloud service.
In the case of the SMA product, Forescout discovered a single vulnerability, which allows an attacker to upload a malicious file that will enable arbitrary code execution on the cloud platform server.
In Growatt products, the researchers discovered 30 vulnerabilities that can be exploited to launch XSS attacks, obtain potentially valuable information, take over devices, and cause physical damage to the system.
More than a dozen vulnerabilities were found in Sungrow products, including insecure direct object reference (IDOR) issues, which can lead to sensitive information disclosure, as well as security holes allowing DoS attacks and remote code execution.
Some of the vulnerabilities found by Forescout in these products can allow threat actors to hijack a significant number of inverters and abuse them for attacks on the power grid, including attacks that could cause prolonged malfunctions.
“We can hypothesize that an attacker that gained control of a large fleet of Sungrow, Growatt, and SMA inverters using the newly discovered vulnerabilities could control enough power to cause instability to [power grids],” Forescout said in a report.
In addition, the identified vulnerabilities could allow an attacker to obtain the personal information of these products’ users, exploit compromised devices to hijack other devices on the same network, and cause financial impact to grid operators through energy price manipulation and ransomware attacks.
The impacted vendors have been notified. SMA and Sungrow patched all the vulnerabilities and published advisories to notify customers. In the case of Sungrow and SMA, the US cybersecurity agency CISA published its own advisories, noting that the impacted products are used in the energy sector worldwide.
Growatt patched a few of the reported vulnerabilities, but most remained unfixed as of late February, according to Forescout.
As NIST guidelines show, the general recommendations for securing solar systems are the same as for any other type of product, including changing default credentials, using access control mechanisms, updating software, performing backups, disabling unused features, and protecting communications.
In addition, Forescout has advised owners of commercial installations to include security requirements in the procurement process, conduct risk assessments when setting up devices, ensure that they have visibility into the system, and add these devices to separate network segments, which are continuously monitored for signs of malicious activity.