Lucene search

[email protected]NVD:CVE-2017-9860

HistoryAug 05, 2017 - 5:29 p.m.

CVE-2017-9860

2017-08-0517:29:00

CWE-287

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

0.003

Percentile

70.4%

JSON

An issue was discovered in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ network protocol to update the device firmware without ever having to authenticate. If an attacker is able to create a custom firmware version that is accepted by the inverter, the inverter is compromised completely. This allows the attacker to do nearly anything: for example, giving access to the local OS, creating a botnet, using the inverters as a stepping stone into companies, etc. NOTE: the vendor reports that this attack has always been blocked by “a final integrity and compatibility check.” Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected

Affected configurations

Nvd

Node

smasunny_boy_3600_firmwareMatch-

AND

smasunny_boy_3600Match-

Node

smasunny_boy_5000_firmwareMatch-

AND

smasunny_boy_5000Match-

Node

smasunny_tripower_core1_firmwareMatch-

AND

smasunny_tripower_core1Match-

Node

smasunny_tripower_15000tl_firmwareMatch-

AND

smasunny_tripower_15000tlMatch-

Node

smasunny_tripower_20000tl_firmwareMatch-

AND

smasunny_tripower_20000tlMatch-

Node

smasunny_tripower_25000tl_firmwareMatch-

AND

smasunny_tripower_25000tlMatch-

Node

smasunny_tripower_5000tl_firmwareMatch-

AND

smasunny_tripower_5000tlMatch-

Node

smasunny_tripower_12000tl_firmwareMatch-

AND

smasunny_tripower_12000tlMatch-

Node

smasunny_tripower_60_firmwareMatch-

AND

smasunny_tripower_60Match-

Node

smasunny_boy_3000tl_firmwareMatch-

AND

smasunny_boy_3000tlMatch-

Node

smasunny_boy_3600tl_firmwareMatch-

AND

smasunny_boy_3600tlMatch-

Node

smasunny_boy_4000tl_firmwareMatch-

AND

smasunny_boy_4000tlMatch-

Node

smasunny_boy_5000tl_firmwareMatch-

AND

smasunny_boy_5000tlMatch-

Node

smasunny_boy_1.5_firmwareMatch-

AND

smasunny_boy_1.5Match-

Node

smasunny_boy_2.5_firmwareMatch-

AND

smasunny_boy_2.5Match-

Node

smasunny_boy_3.0_firmwareMatch-

AND

smasunny_boy_3.0Match-

Node

smasunny_boy_3.6_firmwareMatch-

AND

smasunny_boy_3.6Match-

Node

smasunny_boy_4.0_firmwareMatch-

AND

smasunny_boy_4.0Match-

Node

smasunny_boy_5.0_firmwareMatch-

AND

smasunny_boy_5.0Match-

Node

smasunny_central_2200_firmwareMatch-

AND

smasunny_central_2200Match-

Node

smasunny_central_1000cp_xt_firmwareMatch-

AND

smasunny_central_1000cp_xtMatch-

Node

smasunny_central_800cp_xt_firmwareMatch-

AND

smasunny_central_800cp_xtMatch-

Node

smasunny_central_850cp_xt_firmwareMatch-

AND

smasunny_central_850cp_xtMatch-

Node

smasunny_central_900cp_xt_firmwareMatch-

AND

smasunny_central_900cp_xtMatch-

Node

smasunny_central_500cp_xt_firmwareMatch-

AND

smasunny_central_500cp_xtMatch-

Node

smasunny_central_630cp_xt_firmwareMatch-

AND

smasunny_central_630cp_xtMatch-

Node

smasunny_central_720cp_xt_firmwareMatch-

AND

smasunny_central_720cp_xtMatch-

Node

smasunny_central_760cp_xt_firmwareMatch-

AND

smasunny_central_760cp_xtMatch-

Node

smasunny_central_storage_500_firmwareMatch-

AND

smasunny_central_storage_500Match-

Node

smasunny_central_storage_630_firmwareMatch-

AND

smasunny_central_storage_630Match-

Node

smasunny_central_storage_720_firmwareMatch-

AND

smasunny_central_storage_720Match-

Node

smasunny_central_storage_760_firmwareMatch-

AND

smasunny_central_storage_760Match-

Node

smasunny_central_storage_800_firmwareMatch-

AND

smasunny_central_storage_800Match-

Node

smasunny_central_storage_850_firmwareMatch-

AND

smasunny_central_storage_850Match-

Node

smasunny_central_storage_900_firmwareMatch-

AND

smasunny_central_storage_900Match-

Node

smasunny_central_storage_1000_firmwareMatch-

AND

smasunny_central_storage_1000Match-

Node

smasunny_central_storage_2200_firmwareMatch-

AND

smasunny_central_storage_2200Match-

Node

smasunny_central_storage_2500-ev_firmwareMatch-

AND

smasunny_central_storage_2500-evMatch-

Node

smasunny_boy_storage_2.5_firmwareMatch-

AND

smasunny_boy_storage_2.5Match-

VendorProductVersionCPE
smasunny_boy_3600_firmware-cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*
smasunny_boy_3600-cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*
smasunny_boy_5000_firmware-cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*
smasunny_boy_5000-cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*
smasunny_tripower_core1_firmware-cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*
smasunny_tripower_core1-cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*
smasunny_tripower_15000tl_firmware-cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*
smasunny_tripower_15000tl-cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*
smasunny_tripower_20000tl_firmware-cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*
smasunny_tripower_20000tl-cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sma	sunny_boy_3600_firmware	-	cpe:2.3:o:sma:sunny_boy_3600_firmware:-:::::::*
sma	sunny_boy_3600	-	cpe:2.3:h:sma:sunny_boy_3600:-:::::::*
sma	sunny_boy_5000_firmware	-	cpe:2.3:o:sma:sunny_boy_5000_firmware:-:::::::*
sma	sunny_boy_5000	-	cpe:2.3:h:sma:sunny_boy_5000:-:::::::*
sma	sunny_tripower_core1_firmware	-	cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:::::::*
sma	sunny_tripower_core1	-	cpe:2.3:h:sma:sunny_tripower_core1:-:::::::*
sma	sunny_tripower_15000tl_firmware	-	cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:::::::*
sma	sunny_tripower_15000tl	-	cpe:2.3:h:sma:sunny_tripower_15000tl:-:::::::*
sma	sunny_tripower_20000tl_firmware	-	cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:::::::*
sma	sunny_tripower_20000tl	-	cpe:2.3:h:sma:sunny_tripower_20000tl:-:::::::*

Rows per page:

1-10 of 781

References

www.sma.de/en/statement-on-cyber-security.html

www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf

horusscenario.com/CVE-information/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

0.003

Percentile

70.4%

JSON

Related for NVD:CVE-2017-9860

cvelist1 prion1 cve1