Growatt Cloud Applications External Control of System or Configuration Setting Vulnerability
Vulnerability
Growatt Cloud Applications, specifically cloud portal versions through 3.6.0, contain a vulnerability that allows unauthenticated attackers to send configuration settings to devices and potentially perform physical actions remotely, such as turning devices on or off.
Impact
Exploitation of this vulnerability could lead to unauthorized remote control of devices connected to the Growatt Cloud, allowing attackers to manipulate device settings or trigger actions such as powering devices on or off.
Remediation
Growatt has reported that the cloud-based vulnerabilities were patched and no user action is needed. Additionally, Growatt recommends that users update all devices to the latest firmware version when available, use strong passwords and enable multi-factor authentication where applicable, and report any security concerns to Service@Growatt.com. CISA advises minimizing network exposure for control system devices, locating them behind firewalls, and using secure remote access methods like VPNs.
