Forescout Technologies identifies vulnerabilities in solar power systems

Research by Forescout Technologies reveals 46 new vulnerabilities in solar power systems from top manufacturers, raising concerns about grid stability. The analysis indicates that 80% of vulnerabilities disclosed in the past three years are classified as high or critical severity. These findings highlight systemic security issues in the solar ecosystem that could jeopardize the stability of power grids and operations across utilities. Vulnerabilities could potentially allow attackers to seize control of solar inverters, leading to manipulation of energy generation and disruptions to service. The report lists vulnerabilities primarily among three manufacturers: Sungrow, Growatt, and System Monitoring Agent (SMA). It details attack scenarios where unauthorized individuals could access and control resources associated with residential solar installations. For instance, attacks could manipulate inverter settings or compromise user data privacy. The Forescout report also notes a concerning reliance on foreign supply in solar technology, with 53% of inverter manufacturers and 58% of storage providers based in China. This reliance further complicates the security landscape of solar power, with potential implications for national security and grid integrity. According to Forescout, all vendors have responded to the findings by addressing reported vulnerabilities through timely patches. The report urges operators of solar power systems to implement strict security protocols, conduct regular risk assessments, and ensure continuous monitoring of these critical components to mitigate potential risks further. For more details, stakeholders can access the full research report, which includes specific recommendations and insight into the vulnerabilities affecting the solar power infrastructure.