Growatt Cloud Applications Device Renaming Vulnerability

Vulnerability

A vulnerability exists in Growatt cloud applications, specifically in the cloud portal versions through 3.6.0, allowing unauthenticated attackers to rename devices belonging to other users. This issue arises from an authorization bypass that can be exploited by manipulating user-controlled keys.
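The bug class described above (authorization bypass through a user-controlled key), shown as an added example that is not Growatt's code. The registry, serial numbers, account names and function names are all hypothetical, and the sample data is constructed. The first function selects the device by the client-supplied key alone; the second requires a server-side session identity and compares it to the device owner before renaming.

```python
# Constructed model of a cloud portal's device registry; all names are hypothetical.
from dataclasses import dataclass

@dataclass
class Device:
    serial: str      # client-visible key that identifies the device
    owner_id: str    # account the device is registered to
    name: str

class Forbidden(Exception):
    """Raised when the caller is not allowed to modify the device."""

def make_registry():
    # Constructed sample data: two accounts, one device each.
    return {
        "SN-A001": Device("SN-A001", "alice", "Roof inverter"),
        "SN-B002": Device("SN-B002", "bob", "Garage inverter"),
    }

def rename_vulnerable(registry, serial, new_name):
    # Flawed pattern: the device is selected purely by the key in the request.
    # No session is required and ownership is never compared.
    registry[serial].name = new_name
    return registry[serial]

def rename_hardened(registry, session_user, serial, new_name, audit):
    # 1. Require an authenticated caller. session_user must come from the
    #    server-side session, never from a request field.
    if session_user is None:
        audit.append(("deny", "unauthenticated", serial))
        raise Forbidden("authentication required")
    device = registry.get(serial)
    # 2. Treat "unknown device" and "someone else's device" identically so the
    #    response does not confirm which serials exist.
    if device is None or device.owner_id != session_user:
        audit.append(("deny", session_user, serial))
        raise Forbidden("device not found")
    device.name = new_name
    # 3. Record every decision so repeated denials can be alerted on.
    audit.append(("allow", session_user, serial))
    return device
```

The audit list stands in for whatever logging the portal uses; a run of "deny" entries from one caller across many serials is the pattern worth alerting on.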

Impact

Exploitation of this vulnerability could lead to unauthorized changes in device names, potentially causing confusion or disruption in device management.

Remediation

Growatt has reported that the cloud-based vulnerabilities were patched and no user action is needed. Users are advised to update all devices to the latest firmware version when available, use strong passwords, enable multi-factor authentication where applicable, and report any security concerns to Growatt's service email. CISA also recommends minimizing network exposure for control system devices, locating them behind firewalls, and using secure remote access methods like VPNs.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.