Renewable energy stations, particularly in Japan, could be at risk of disruption by hackers thanks to a Contec product vulnerability that has been exploited.
Japanese company’s SolarView products enable active monitoring of solar farms, and have been installed in an estimated 30,000 locations to date according to company information.
The vulnerability, which has been tracked as CVE-2022-29303 since it was identified in April, was awarded a score of 9.8 out of 10, making it ‘critical.’
Smart solar panel modules hack
This, along with more than 20 other exploits, forms part of what Palo Alto Networks describes as a mission to spread a variant of the Mirai botnet. IoT devices have been a clear target of the attacks, with victims including TP-Link, Netgear, and Zyxel.
This is especially troubling because the Mirai botnet which was first discovered in 2016 shows no signs of slowing down. That, in combination with the rise in IoT devices, presents potential for widespread disruption.
For SolarView products in particular, the CVE description reads: “SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.”
VulnCheck suggests that at least 600 SolarView systems are indexed on Shodan, a search engine used to locate Internet-connected devices. While it’s unclear how many devices are still running firmware version 6.00 from 2019, it’s clear that a substantial number of solar panel operators could be at risk of disruption. Furthermore, VulnCheck believes that the vulnerability has existed since at least version 4.00. The most up-to-date version is now 8.10.
Contec, the maker of the SolarView series, has not published any information on the security concern, but general advice to keep all Internet-connected devices updated to the latest firmware still stands.