Growatt Cloud Applications Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the Growatt cloud portal, affecting versions through 3.6.0. This issue arises from inadequate sanitization of the plant name value when adding or editing a plant, allowing authenticated attackers to inject malicious JavaScript that is executed in the context of the user.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user.

Remediation

Growatt has reported that the cloud-based vulnerabilities were patched and no user action is needed. Users are advised to update all devices to the latest firmware version when available, use strong passwords, enable multi-factor authentication where applicable, and report any security concerns to Growatt's service email. CISA recommends minimizing network exposure for control system devices, using firewalls to isolate control system networks from business networks, and employing secure remote access methods like VPNs.