Security News Forescout Uncovers Severe Systemic Security Risks in Global Solar Power Infrastructure

[Gandalf_The_Grey]

Content source

https://www.forescout.com/press-releases/forescout-vedere-labs-uncovers-severe-systemic-security-risks-in-global-solar-power-infrastructure/

Forescout research key findings include:

• 46 new vulnerabilities across three of the world’s top 10 solar inverter vendors worldwide: Sungrow, Growatt, and SMA. Some of these vulnerabilities enable attackers to tamper with inverter settings and compromise user privacy.
• Consistent, severe cybersecurity gaps: On average, 10 vulnerabilities on solar power systems have been disclosed each year over the past three years. Of the 93 previously disclosed vulnerabilities, 80% were classified as high or critical severity and 30% had the highest possible CVSS scores (9.8–10), meaning the attacker could take full control of an affected system.
• Growing geopolitical concerns in solar supply chains: Over half of solar inverter manufacturers (53%) and storage system providers (58%) are based in China. Twenty percent of the monitoring system manufacturers are also from China, raising concerns over the dominance of foreign-made solar power components.

Following responsible disclosure, all vendors have patched the reported issues.

To learn more about the vulnerabilities, realistic attack scenarios and impact, and mitigation advice for owners of smart inverters, utilities, device manufacturers, and regulators, download the full research report, review the summary blog, and join the webinar.

Forescout Vedere Labs Uncovers Severe Systemic Security Risks in Global Solar Power Infrastructure - Forescout

Research identifies 46 new solar power system vulnerabilities, posing a risk to grid stability and availability and potentially allowing attackers to seize control of solar inverters. SAN JOSE, Calif., March 27, 2025 – Forescout Technologies, Inc., a global cybersecurity leader, today published...

www.forescout.com