Growatt Cloud Applications Email Address Change Vulnerability Allowing Account Takeover

Vulnerability

A vulnerability exists in the Growatt cloud portal, in all versions through 3.6.0, that allows an attacker to change the registered email address of another user's account. The attack requires no authentication; the attacker needs only the username of the target account. Because the registered address is what password-recovery and similar flows typically rely on, rebinding it gives the attacker a path to full takeover of the account.
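The pattern the advisory describes, as an added example that is not Growatt's code: a minimal Python model of an email-change handler that trusts a client-supplied username and requires no session (the vulnerable shape), beside a hardened handler that takes the identity from the authenticated session, re-checks the current password, and only applies the change after a confirmation token is redeemed. The endpoint names, request fields, in-memory store and sample accounts are all assumptions made for illustration.

```python
"""
Illustrative model of an unauthenticated email-change flow and a hardened
version. Added example, not Growatt's portal code; request shape, storage
and account data are assumptions.
"""
import hmac
import secrets
from dataclasses import dataclass
from hashlib import sha256


@dataclass
class User:
    username: str
    email: str
    password_hash: str


def _hash(pw: str) -> str:
    # Demo only: a real service would use a slow, salted hash (argon2/bcrypt).
    return sha256(pw.encode()).hexdigest()


def make_db() -> dict:
    """Constructed sample accounts (demo data, not real users)."""
    return {
        "victim": User("victim", "victim@example.com", _hash("victim-pass")),
        "attacker": User("attacker", "attacker@example.com", _hash("attacker-pass")),
    }


class Forbidden(Exception):
    pass


def change_email_vulnerable(db: dict, body: dict) -> str:
    """Vulnerable shape: no session is required and the account to modify is
    taken from the request body, so anyone who knows a username can rebind
    that account's email address."""
    user = db[body["username"]]
    user.email = body["new_email"]
    return user.email


def change_email_hardened(db: dict, session, body: dict, pending: dict) -> str:
    """Hardened shape: identity comes from the session, the caller must
    re-authenticate, and the change is staged until a confirmation token
    (which would be sent to the new address) is redeemed. Any 'username'
    field in the body is ignored."""
    if not session or "user" not in session:
        raise Forbidden("authentication required")
    user = db[session["user"]]
    supplied = _hash(body.get("current_password", ""))
    if not hmac.compare_digest(supplied, user.password_hash):
        raise Forbidden("re-authentication failed")
    token = secrets.token_urlsafe(32)
    pending[token] = (user.username, body["new_email"])
    # A real service would also notify the OLD address that a change is pending.
    return token


def confirm_email_change(db: dict, pending: dict, token: str) -> str:
    """Redeem a confirmation token; applies the change to the staged account only."""
    username, new_email = pending.pop(token)
    db[username].email = new_email
    return new_email


def run_scenario() -> dict:
    """Replay the advisory's attacker against both handlers and report outcomes."""
    hostile = {"username": "victim", "new_email": "evil@example.net"}
    out = {}

    db = make_db()
    change_email_vulnerable(db, hostile)          # no session, victim chosen by body
    out["vulnerable_victim_email"] = db["victim"].email

    db, pending = make_db(), {}
    try:
        change_email_hardened(db, None, hostile, pending)
        out["hardened_unauth"] = "accepted"
    except Forbidden:
        out["hardened_unauth"] = "rejected"
    out["hardened_victim_email"] = db["victim"].email

    # Attacker logs in and still names the victim in the body: only their own
    # account can be staged, and only after the token is redeemed.
    body = dict(hostile, current_password="attacker-pass")
    token = change_email_hardened(db, {"user": "attacker"}, body, pending)
    out["staged_for"] = pending[token][0]
    confirm_email_change(db, pending, token)
    out["attacker_email_after_confirm"] = db["attacker"].email
    out["victim_email_after_confirm"] = db["victim"].email
    return out


if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(f"{k}: {v}")
```

The fix that matters is the first line of the hardened handler: the account to modify is derived from the server-side session, never from a field the client controls. Re-authentication and the confirmation step limit the blast radius of a stolen session on top of that.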

Impact

Exploitation of this vulnerability gives an attacker unauthorized access to the victim's account, and from there to any actions or associated services that the account can reach.

Remediation

Growatt has reported that the cloud-side vulnerabilities have been patched and that no user action is needed. Growatt advises users to update devices to the latest firmware version when available, use strong passwords, enable multi-factor authentication where applicable, and report security concerns to Growatt's service email. CISA additionally recommends minimizing network exposure for control system devices, using firewalls to isolate control system networks from business networks, and employing secure remote access methods such as VPNs.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.