CRITICAL🇬🇧 English

CVE-2017-9855

CVSS 9.8v3.1pub. 2017-08-05upd. 2026-05-13

An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for Installers called the Grid Guard system. This system uses predictable codes, and a single Grid Guard code can be used on any SMA inverter. Any such code, when combined with the installer account, allows changing very sensitive parameters. NOTE: the vendor reports that Grid Guard is not an authentication feature; it is only a tracing feature. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sma Sunny Boy 1.5

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 1.5 Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 2.5

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 2.5 Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 3.0

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 3000tl

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 3000tl Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 3.0 Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 3.6

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 3600

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 3600 Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 3600tl

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 3600tl Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 3.6 Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 4.0

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 4000tl

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 4000tl Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 4.0 Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 5.0

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 5000

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 5000 Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 5000tl

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy 5000tl Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy 5.0 Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Boy Storage 2.5

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Boy Storage 2.5 Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Central 1000cp Xt

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Central 1000cp Xt Firmware

    OS
    Sma
    wszystkie wersje
  • Sma Sunny Central 2200

    HW
    Sma
    wszystkie wersje
  • Sma Sunny Central 2200 Firmware

    OS
    Sma
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2017-9859CRITICAL9.8ten sam produkt

An issue was discovered in SMA Solar Technology products. The inverters make use of a weak hashing algorithm t...

CVE-2017-9854CRITICAL9.8ten sam produkt

An issue was discovered in SMA Solar Technology products. By sniffing for specific packets on the localhost, p...

CVE-2017-9853CRITICAL9.8ten sam produkt

An issue was discovered in SMA Solar Technology products. All inverters have a very weak password policy for t...

CVE-2017-9852CRITICAL9.8ten sam produkt

An Incorrect Password Management issue was discovered in SMA Solar Technology products. Default passwords exis...

CVE-2017-9860CRITICAL9.8ten sam produkt

An issue was discovered in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ ...

CVE-2017-9855 — CRITICAL 9.8 | CVEbaza.pl