1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Solar panel stations could fall prey to this devious security hac

    From TechnologyDaily@1337:1/100 to All on Thu Jul 6 15:15:03 2023
    Solar panel stations could fall prey to this devious security hack

    Date:
    Thu, 06 Jul 2023 14:10:06 +0000

    Description:
    Solar panel monitoring systems have been vulnerable for years, yet many
    remain unpatched, experts warn.

    FULL STORY ======================================================================

    Renewable energy stations, particularly in Japan, could be at risk of disruption by hackers thanks to a Contec product vulnerability that has been exploited.

    Japanese companys SolarView products enable active monitoring of solar farms, and have been installed in an estimated 30,000 locations to date according to company information.

    The vulnerability, which has been tracked as CVE-2022-29303 since it was identified in April, was awarded a score of 9.8 out of 10, making it
    critical. Smart solar panel modules hack

    This, along with more than 20 other exploits, forms part of what Palo Alto Networks describes as a mission to spread a variant of the Mirai botnet. IoT devices have been a clear target of the attacks, with victims including TP-Link, Netgear, and Zyxel. Read more

    These are the best malware removal tools


    A new Mirai variant is targeting IoT devices - here's how to stay safe


    CISA is worried that critical infrastructure is vulnerable to ransomware
    attacks

    This is especially troubling because the Mirai botnet which was first discovered in 2016 shows no signs of slowing down. That, in combination with the rise in IoT devices, presents potential for widespread disruption.

    For SolarView products in particular, the CVE description reads: SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.

    VulnCheck suggests that at least 600 SolarView systems are indexed on
    Shodan, a search engine used to locate Internet-connected devices. While its unclear how many devices are still running firmware version 6.00 from 2019, its clear that a substantial number of solar panel operators could be at risk of disruption. Furthermore, VulnCheck believes that the vulnerability has existed since at least version 4.00. The most up-to-date version is now 8.10.

    Contec, the maker of the SolarView series, has not published any information on the security concern, but general advice to keep all Internet-connected devices updated to the latest firmware still stands. Boost your home or business cybersecurity with the best endpoint protection software and best firewalls



    ======================================================================
    Link to news story: https://www.techradar.com/pro/solar-panel-stations-could-fall-prey-to-this-dev ious-security-hack


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)