EG4 Electronics EG4 Inverters Improper Restriction of Excessive Authentication Attempts Vulnerability

Vulnerability

A vulnerability exists in EG4 Electronics EG4 Inverters due to the lack of restrictions on the number of attempts to enter a correct PIN for registered products. This flaw could enable an attacker to use brute-force methods to gain unauthorized access, provided they have a valid device serial number. The API offers clear feedback when the correct PIN is entered. This vulnerability was addressed in a server-side update on April 6, 2025.
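One way a server can enforce the missing attempt limit, shown as an added example (not EG4's code or its actual fix). Failures are counted per device serial rather than per client, and a locked serial gets the same answer for right and wrong PINs. The class name, thresholds and return values are assumptions.

```python
import hmac
import time
from collections import defaultdict, deque

MAX_FAILURES = 5        # assumed policy: failures allowed per window
WINDOW_SECONDS = 900    # assumed policy: 15-minute sliding window
LOCKOUT_SECONDS = 3600  # assumed policy: lock the serial for 1 hour


class PinAttemptLimiter:
    """Counts failed PIN attempts per device serial, independent of client IP."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._failures = defaultdict(deque)  # serial -> failure timestamps
        self._locked_until = {}              # serial -> unlock time

    def verify(self, serial, submitted_pin, stored_pin):
        """Return 'ok', 'denied' or 'locked' for one PIN attempt."""
        now = self._clock()
        if self._locked_until.get(serial, 0) > now:
            return "locked"  # PIN is not compared, so no correctness feedback
        recent = self._failures[serial]
        while recent and now - recent[0] > WINDOW_SECONDS:
            recent.popleft()  # drop failures that aged out of the window
        # Constant-time comparison avoids a timing side channel on the PIN.
        if hmac.compare_digest(submitted_pin.encode(), stored_pin.encode()):
            self._failures.pop(serial, None)
            return "ok"
        recent.append(now)
        if len(recent) >= MAX_FAILURES:
            self._locked_until[serial] = now + LOCKOUT_SECONDS
            recent.clear()
        return "denied"


def guesses_evaluated(limiter, serial, stored_pin, candidates):
    """Count how many candidate PINs the server actually compares."""
    return sum(limiter.verify(serial, c, stored_pin) != "locked"
               for c in candidates)
```

A per-serial lockout lets anyone who knows a serial number lock out its owner for the lockout period, so the thresholds are a trade-off between guess rate and availability.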

Impact

Exploitation of this vulnerability could allow unauthorized access to the affected inverter, potentially leading to unauthorized control over the device and its functions.

Added: Aug 8, 2025, 5:35 PM
Updated: Aug 8, 2025, 5:35 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 6.6
remediation: 0.0
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.