Vulnerability Description
An Incorrect Password Management issue was discovered in SMA Solar Technology products. Default passwords exist that are rarely changed. User passwords will almost always be default. Installer passwords are expected to be default or similar across installations installed by the same company (but are sometimes changed). Hidden user accounts have (at least in some cases, though more research is required to test this for all hidden user accounts) a fixed password for all devices; it can never be changed by a user. Other vulnerabilities exist that allow an attacker to get the passwords of these hidden user accounts. NOTE: the vendor reports that it has no influence on the allocation of passwords, and that global hardcoded master passwords do not exist. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sma | Sunny Boy 3600 Firmware | - |
| Sma | Sunny Boy 3600 | - |
| Sma | Sunny Boy 5000 Firmware | - |
| Sma | Sunny Boy 5000 | - |
| Sma | Sunny Tripower Core1 Firmware | - |
| Sma | Sunny Tripower Core1 | - |
| Sma | Sunny Tripower 15000Tl Firmware | - |
| Sma | Sunny Tripower 15000Tl | - |
| Sma | Sunny Tripower 20000Tl Firmware | - |
| Sma | Sunny Tripower 20000Tl | - |
| Sma | Sunny Tripower 25000Tl Firmware | - |
| Sma | Sunny Tripower 25000Tl | - |
| Sma | Sunny Tripower 5000Tl Firmware | - |
| Sma | Sunny Tripower 5000Tl | - |
| Sma | Sunny Tripower 12000Tl Firmware | - |
| Sma | Sunny Tripower 12000Tl | - |
| Sma | Sunny Tripower 60 Firmware | - |
| Sma | Sunny Tripower 60 | - |
| Sma | Sunny Boy 3000Tl Firmware | - |
| Sma | Sunny Boy 3000Tl | - |
Related Weaknesses (CWE)
References
- http://www.sma.de/en/statement-on-cyber-security.html
- http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whi
- https://horusscenario.com/CVE-information/Third Party Advisory
- http://www.sma.de/en/statement-on-cyber-security.html
- http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whi
- https://horusscenario.com/CVE-information/Third Party Advisory
FAQ
What is CVE-2017-9852?
CVE-2017-9852 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An Incorrect Password Management issue was discovered in SMA Solar Technology products. Default passwords exist that are rarely changed. User passwords will almost always be default. Installer passwor...
How severe is CVE-2017-9852?
CVE-2017-9852 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-9852?
Check the references section above for vendor advisories and patch information. Affected products include: Sma Sunny Boy 3600 Firmware, Sma Sunny Boy 3600, Sma Sunny Boy 5000 Firmware, Sma Sunny Boy 5000, Sma Sunny Tripower Core1 Firmware.