Solar panel stations could fall prey to this devious security hack
Hundreds of panels could still be at risk
Renewable energy stations, particularly in Japan, could be at risk of disruption by hackers thanks to a Contec product vulnerability that has been exploited.
Japanese company’s SolarView products enable active monitoring of solar farms, and have been installed in an estimated 30,000 locations to date according to company information.
The vulnerability, which has been tracked as CVE-2022-29303 since it was identified in April, was awarded a score of 9.8 out of 10, making it ‘critical.’
Smart solar panel modules hack
This, along with more than 20 other exploits, forms part of what Palo Alto Networks describes as a mission to spread a variant of the Mirai botnet. IoT devices have been a clear target of the attacks, with victims including TP-Link, Netgear, and Zyxel.
This is especially troubling because the Mirai botnet which was first discovered in 2016 shows no signs of slowing down. That, in combination with the rise in IoT devices, presents potential for widespread disruption.
For SolarView products in particular, the CVE description reads: “SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.”
VulnCheck suggests that at least 600 SolarView systems are indexed on Shodan, a search engine used to locate Internet-connected devices. While it’s unclear how many devices are still running firmware version 6.00 from 2019, it’s clear that a substantial number of solar panel operators could be at risk of disruption. Furthermore, VulnCheck believes that the vulnerability has existed since at least version 4.00. The most up-to-date version is now 8.10.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Contec, the maker of the SolarView series, has not published any information on the security concern, but general advice to keep all Internet-connected devices updated to the latest firmware still stands.
- Boost your home or business cybersecurity with the best endpoint protection software and best firewalls
With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!