Solar panel stations could fall prey to this devious security hack

Hundreds of panels could still be at risk

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Renewable energy stations, particularly in Japan, could be at risk of disruption by hackers thanks to a Contec product vulnerability that has been exploited.

Japanese company’s SolarView products enable active monitoring of solar farms, and have been installed in an estimated 30,000 locations to date according to company information.

The vulnerability, which has been tracked as CVE-2022-29303 since it was identified in April, was awarded a score of 9.8 out of 10, making it ‘critical.’

Smart solar panel modules hack

This, along with more than 20 other exploits, forms part of whatPalo Alto Networksdescribes as a mission to spread a variant of the Mirai botnet. IoT devices have been a clear target of the attacks, with victims including TP-Link,Netgear, and Zyxel.

These are the best malware removal tools>A new Mirai variant is targeting IoT devices - here’s how to stay safe>CISA is worried that critical infrastructure is vulnerable to ransomware attacks

This is especially troubling because the Mirai botnet which was first discovered in 2016 shows no signs of slowing down. That, in combination with the rise in IoT devices, presents potential for widespread disruption.

For SolarView products in particular, the CVE description reads: “SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.”

VulnChecksuggests that at least 600 SolarView systems are indexed on Shodan, a search engine used to locate Internet-connected devices. While it’s unclear how many devices are still running firmware version 6.00 from 2019, it’s clear that a substantial number of solar panel operators could be at risk of disruption. Furthermore, VulnCheck believes that the vulnerability has existed since at least version 4.00. The most up-to-date version is now 8.10.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contec, the maker of the SolarView series, has not published any information on the security concern, but general advice to keep all Internet-connected devices updated to the latest firmware still stands.

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

LG Electronics sets ambitious B2B revenue goal to offset declining consumer demand

New fanless cooling technology enhances energy efficiency for AI workloads by achieving a 90% reduction in cooling power consumption

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics