Security Vulnerabilities in Solarman and Deye Solar Systems
Cybersecurity experts have uncovered critical security flaws in photovoltaic system management platforms run by Chinese firms Solarman and Deye that could potentially lead to power disruptions and blackouts.
Recent analysis by Bitdefender researchers revealed that these vulnerabilities could be exploited by attackers to manipulate inverter settings, causing significant parts of the power grid to fail and triggering widespread blackouts.
Solarman and Deye have since patched these vulnerabilities in response to responsible disclosure efforts made in May 2024.
The analysis by the Romanian cybersecurity firm highlighted various issues within the platforms, including account takeover risks and potential information disclosure.
The vulnerabilities include:
- Full Account Takeover via Authorization Token Manipulation
- Deye Cloud Token Reuse
- Information Leak through API Endpoint
- Hard-coded Account with Unrestricted Device Access
- Potential Unauthorized Authorization Token Generation
These vulnerabilities could allow malicious actors to compromise Solarman accounts, reuse JWTs for unauthorized access, and access private information about organizations and users.
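The article does not describe how the token reuse works, so the following is an added defensive illustration rather than Bitdefender's, Solarman's or Deye's code: a stdlib-only HS256 JWT mint/verify pair in which a token minted for one service is refused by another because the verifier checks `iss` and `aud` together with the signature and expiry. The shared secret, issuer and audience names are constructed for the example, and it assumes both services validate with the same key.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_token(secret: bytes, issuer: str, audience: str, subject: str,
               ttl: int = 3600, now: Optional[int] = None) -> str:
    """Issue an HS256 JWT bound to one audience (the service it is meant for)."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"iss": issuer, "aud": audience, "sub": subject, "iat": now, "exp": now + ttl}
    compact = json.dumps(header, separators=(",", ":")).encode()
    signing_input = _b64url(compact) + "." + _b64url(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def verify_token(token: str, secret: bytes, expected_issuer: str,
                 expected_audience: str, now: Optional[int] = None) -> Optional[dict]:
    """Return the claims only if the token is valid for THIS service; otherwise None."""
    now = int(time.time()) if now is None else now
    try:
        h, p, s = token.split(".")
        header = json.loads(_b64url_decode(h))
        provided_sig = _b64url_decode(s)
        claims = json.loads(_b64url_decode(p))
    except ValueError:  # malformed base64/JSON or wrong segment count
        return None
    if header.get("alg") != "HS256":  # refuse alg=none and algorithm confusion
        return None
    expected_sig = hmac.new(secret, (h + "." + p).encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, provided_sig):
        return None
    # The reuse check: a token minted for another audience is not accepted here.
    if claims.get("iss") != expected_issuer or claims.get("aud") != expected_audience:
        return None
    exp = claims.get("exp")
    if not isinstance(exp, int) or exp <= now:
        return None
    return claims
```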

The researchers warned that these exploits could lead to account takeovers, power disruptions, and leakage of sensitive information, posing severe risks to grid stability and potentially causing blackouts.
“Protecting against such vulnerabilities is crucial to ensure the integrity and security of critical infrastructure,” the experts emphasized.