Primary

Context

SolaX Cloud Device Takeover Vulnerability

Vulnerability

A vulnerability in the SolaX Cloud platform allows unauthorized access to any SolaX solar panel inverter, provided the serial number is known. This issue arises from missing authorization, enabling the takeover of the inverter remotely.

Impact

Exploitation of this vulnerability allows for unauthorized takeover of SolaX solar panel inverters, with potential high impact on subsequent systems.

Remediation

SolaX has released a patch for this vulnerability in SolaX Cloud version 6.9. Users should update to this version.

Added: Sep 10, 2025, 9:20 AM

Updated: Sep 10, 2025, 9:20 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.8

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.8

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SolaX Cloud Device Takeover Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating