Growatt Cloud Applications File Upload Vulnerability Allowing Arbitrary File Upload

Vulnerability

A vulnerability exists in the Growatt cloud portal, in all versions through 3.6.0, that allows an attacker to upload arbitrary files instead of the intended plant images. This issue arises from insufficient validation of file types, enabling the upload of potentially harmful files.
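The file-type validation gap described above, shown from the defender's side as an added example; this is not Growatt's code. The function names, the 5 MiB limit, the allowed image types and the sample uploads are assumptions made for illustration.

```python
import os
import secrets

# Allowed image types: detected kind -> (magic-byte prefix, accepted extensions)
IMAGE_SIGNATURES = {
    "png": (b"\x89PNG\r\n\x1a\n", {".png"}),
    "jpeg": (b"\xff\xd8\xff", {".jpg", ".jpeg"}),
    "gif": (b"GIF8", {".gif"}),
}
MAX_BYTES = 5 * 1024 * 1024  # assumed size limit for a plant image


def sniff_image_type(data: bytes):
    """Return the image kind whose signature matches the content, else None."""
    for kind, (magic, _exts) in IMAGE_SIGNATURES.items():
        if data.startswith(magic):
            return kind
    return None


def accept_plant_image(filename: str, data: bytes):
    """Return (stored_name, None) if accepted, or (None, reason) if rejected.

    The client-supplied Content-Type is deliberately not an input: the
    uploader controls it and it proves nothing about the bytes.
    """
    if not data or len(data) > MAX_BYTES:
        return None, "empty or oversized upload"
    kind = sniff_image_type(data)
    if kind is None:
        return None, "content is not an allowed image type"
    ext = os.path.splitext(filename)[1].lower()
    if ext not in IMAGE_SIGNATURES[kind][1]:
        return None, "extension does not match content"
    # Never reuse the client's filename: store under a random name with a
    # canonical extension so the path and suffix are chosen by the server.
    stored = f"{secrets.token_hex(16)}.{kind}"
    return stored, None


if __name__ == "__main__":
    # Constructed sample uploads (not real captured traffic)
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    script = b"#!/bin/sh\necho not-an-image\n"
    for name, body in [("plant.PNG", png), ("plant.sh", png), ("plant.sh.png", script)]:
        print(name, "->", accept_plant_image(name, body))
```

A signature check alone does not stop files that are valid images and also carry other content, so it is normally paired with storing uploads outside any path the server will execute and serving them with a fixed image content type.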

Impact

Exploitation of this vulnerability could lead to unauthorized file uploads, which may be used to execute malicious code or disrupt service.

Remediation

Growatt has reported that this vulnerability has been patched in the cloud-based applications, and no user action is needed. Users are advised to update their devices to the latest firmware version when available, use strong passwords, enable multi-factor authentication where applicable, and report any security concerns to Growatt's service email. CISA also recommends minimizing network exposure for control system devices, using firewalls to isolate control system networks from business networks, and employing secure remote access methods like VPNs.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 6.2
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.