The rapid proliferation of solar energy systems brings with it cybersecurity vulnerabilities. A recent report published by Forescout’s Vedere Labs unit revealed that approximately 35,000 internet-enabled solar energy devices worldwide have serious security vulnerabilities. These devices include inverters, data loggers, and gateways.
Vulnerability in thousands of solar panel systems!
The report noted that the majority of these devices run on outdated software, and that known vulnerabilities already circulating online could be exploited in these systems. Furthermore, many of these devices were released years ago, and some are models no longer supported by the manufacturer.
According to Forescout’s data, 76 percent of these internet-enabled devices are located in Europe. Germany and Greece are among the most at-risk countries. The report states that this is not only related to product quality but also to insecure factory default settings, user configuration errors, and incomplete guidance.
The online visibility of the SolarView Compact device has increased by 350 percent in the last two years. This device was used in a cyberattack in Japan in 2024 and played a role in the infiltration of bank accounts. The increased risk profile of this model, in particular, suggests that even systems still supported by manufacturers can harbor serious vulnerabilities.
Forescout’s previously published report identified 46 different vulnerabilities. Now, it appears that many of these same systems are still vulnerable. Older but still in use products like the SMA Sunny WebBox are accessible over the internet and could potentially serve as backdoors in critical energy infrastructures.
The threat isn’t just a technical vulnerability; it also carries geopolitical implications. A Reuters report last year highlighted the use of standalone communication modules in Chinese inverters. While these modules haven’t been linked to any attacks, many countries have decided to review their security protocols in their energy infrastructures.
Security experts advise retiring devices without manufacturer support. Furthermore, exposing management interfaces directly to the internet is not recommended. If remote access is required, virtual private networks (VPNs) should be used and international security standards such as CISA and NIST should be adhered to.
However, in addition to basic security layers like antivirus and endpoint protection solutions, next-generation security approaches like Zero Trust Network Access (ZTNA) architecture are now essential for protecting critical infrastructure. Otherwise, a small inverter could trigger a major energy crisis.
{{user}} {{datetime}}
{{text}}