The renewable energy sector, particularly in Japan, faces a potential risk of disruption due to a critical vulnerability found in Contec's SolarView products. This vulnerability, tracked as CVE-2022-29303, has garnered a severity score of 9.8 out of 10.
SolarView products, developed by a Japanese company, facilitate active monitoring of solar farms and have been installed in approximately 30,000 locations to date.
Solar Panels Are Exposed to Hacking
According to TechRadar, security researchers at Palo Alto Networks have uncovered a mission aimed at spreading a variant of the notorious Mirai botnet, a threat that emerged in 2016 and continues to wreak havoc.
This campaign targets Internet of Things (IoT) devices, with victims including popular brands like TP-Link, Netgear, and Zyxel. Mirai's persistence, coupled with the increasing number of IoT devices, presents a significant risk for widespread disruption.
SolarView Vulnerability
Of particular concern is the vulnerability within SolarView products such as solar panels, identified as CVE-2022-29303. This vulnerability allows for command injection via conf_mail.php in SolarView Compact ver.6.00. The severity of this flaw, rated as critical, cannot be understated.
VulnCheck, a vulnerability scanning service, has discovered that at least 600 SolarView systems are accessible through Shodan, a search engine for Internet-connected devices. Although the number of devices still operating on the vulnerable firmware version 6.00 remains uncertain, a considerable number of solar panel operators could be at risk.
Additionally, VulnCheck suggests that this vulnerability might have existed since version 4.00, while the latest version available is 8.10.
As of writing, Contec, the manufacturer of SolarView products, has not yet released an official announcement about the SolarView vulnerability.
However, it is crucial for all users to regularly update their Internet-connected devices to the latest firmware as a general security measure.
Read also: Communal Solar Panel UK: One Roof, Clean Energy for Multiple Apartments is a World's First
How to Minimize the Risk
To safeguard renewable energy stations and protect against potential disruptions, it is essential to address this vulnerability promptly. Operators should take the following steps:
Update Firmware: Ensure SolarView products are running on the most recent firmware version (currently 8.10). Regularly check for firmware updates and apply them promptly.
Security Best Practices: Implement robust security measures, such as changing default credentials, using strong passwords, and enabling two-factor authentication where possible.
Network Segmentation: Isolate SolarView systems from critical infrastructure by implementing network segmentation. This helps limit the potential impact of a compromised device.
Regular Monitoring and Patching: Continuously monitor SolarView systems for any suspicious activity and apply patches as soon as they become available.
In another report by Innovation Origins back in May, a study discovered that solar panel inverters are easy to hack. Many of them do not comply with the requirements, as per the National Digital Infrastructure Inspectorate (RDI).
While more solar panels are being installed in the Netherlands, RDI said that nine inverters were subjected to investigation to see if they are compliant.
The study has revealed that five of them were causing interference.