The Dutch Institute of Vulnerability Disclosure (DIVD) reviews that two Dutch hackers have found six new vulnerabilities in Enphase IQ Gateway units, previously often called Enphase Envoy.
Wietse Boonstra and Hidde Smit of DIVD reported the vulnerabilities to Enphase on April 17, 2024. Enphase responded the following day and started cooperating with researchers. The vulnerabilities are addressed and hopefully resolved within the subsequent model of the product.
DIVD stated it continues to work with Enphase to establish remaining susceptible and uncovered Envoy IQ gateways all over the world, to expedite the patching course of. However, it says a tool is just susceptible if Enphase gear is uncovered “to an untrusted community, akin to the general public Internet or a house community.”
On August 12, the Netherlands Enterprise Agency (Rijksdienst voor Ondernemend Nederland) launched a report on the weaknesses of Dutch photo voltaic vitality methods. The examine outlines three potential cyberattack eventualities on photo voltaic installations, involving actors from hackers to malicious corporations. It additionally explores mitigation methods to forestall or cut back the impression of such assaults.
The three eventualities are summarized as follows:
- A ransomware gang can exploit cloud portals to take over the accounts of huge installers and extort cash from photo voltaic park operators.
- Criminals can entry and harm inverters by means of on-line software program updates, particularly when 1000’s of inverters with default passwords are compromised by a botnet.
- A state-run entity may goal provide chains, utilizing cyber-weapons to assault vital infrastructure by seizing gear amid heightened geopolitical tensions.
“At DIVD, we sincerely hope that preventive measures will probably be taken to deal with weaknesses and vulnerabilities earlier than catastrophe strikes. We have already found and reported many vulnerabilities in charging stations and their backends,” stated researcher Harm van den Brink. “And in keeping with a examine of the impression of hacking on the charging infrastructure -charges Berenschot, energy outages value at the very least a number of billion euros per day within the Netherlands.”
This content material is protected by copyright and will not be reused. If you need to cooperate with us and need to reuse a few of our content material, please contact: [email protected].