SunGrow iSolarCloud MQTT Subscription Permission Vulnerability

A vulnerability in SunGrow's iSolarCloud platform allowed users to subscribe to all data from connected devices via the MQTT service. The server lacked proper restrictions on subscription topics, enabling access to all device messages. Although the transmitted data was encrypted and MQTT credentials were obtained through an API call, the credentials could be misused to subscribe to any topic. An attacker could extract MQTT credentials and a decryption key from the iSolarCloud website, then use an external program to subscribe to all device topics and decrypt the received messages.

Impact

Exploitation of this vulnerability allowed for unauthorized access to all MQTT messages from connected devices, including the ability to decrypt these messages, according to DIVD.

Remediation

SunGrow has patched this vulnerability, and it is no longer exploitable.