lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Nov 2023 07:12:31 +0000 From: Phos4Me via Fulldisclosure <fulldisclosure@...lists.org> To: "fulldisclosure@...lists.org" <fulldisclosure@...lists.org> Subject: [FD] Senec Inverters Home V1, V2, V3 Home & Hybrid Publicly Accessible Default Credentials- CVE-2023-39170 > > Advisory ID: Ph0s-2023-004 > > Product: EnBw - SENEC legacy storage box: V1-V3 > > Manufacturer: SENEC - a part of EnBw > > Affected Version(s): Firmware: all (as of 2023-06-19) > > Tested Version(s): current > > Vulnerability Type: CWE-1392: Use of Default Credentials > > > > Risk Level: > > CVSS v3.1 Vector: > > AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8 Critical) > > > > Manufacturer Risk Level Rating: > > AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H/RL:U/RC:C > > Overall CVSS Score: 8.6 > > > > Solution Status: Fixed > > Manufacturer Notification: 2023-06-05 > > Public Disclosure: 2023-11-01 > > CVE Reference: CVE-2023-39170 > > Author of Advisory: Ph0s[4], R0ckE7 > > > > ******************************************************************************** > > > > Overview: > > Foreword: > > This vulnerability was reported to the enbw-cert. we would like to > > thank enbw-cert for taking care of the vulns and patch the systems. > > we decided to publish when most of the reported vulns are patched > > to make sure nobody is harmed when 3rdparys exploit the mentioned vulns. > > > > About Senec: > > We are SENEC > > > > We have been the EnBW energy independence experts since 2018 – but we have > > put our heart and soul into guiding customers on the route to independence > > since SENEC was founded in 2009. Our passion lies in actively promoting the > > energy transition with innovative ideas and pioneering products. And, > > because we don’t do things by halves, our unwavering ambition is to create > > integrated solutions that enable you to enjoy the highest possible degree > > of independence and sustainability through self-generation of solar > > electricity. > > > > About SENEC Home: > > > > SENEC.Home: The smart electricity storage device for your home > > > > SENEC.Home is the heart of the your sustainable, affordable supply of solar > > electricity. The smart battery storage device stores excess electricity > > generated by your PV system so that you can use it when you need it – such as > > when your household’s energy consumption rises in the evening, or on rainy days > > when your PV system generates less power. > > > > ******************************************************************************** > > > > Vulnerability Details: > > > > The credentials for the senec inverters are known in public. > > > > ******************************************************************************** > > > > Proof of Concept (PoC): > > > > The attack consists of the following steps: > > > > 1. use google to optain them, eg: > > https://www.photovoltaikforum.com/thread/206930-senec-v3-hybrid-zugangsdaten/ > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > Solution: > > Patched by Manufacturer > > (Rolled out until September 11, 2023) > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > Disclosure Timeline: > > > > 2022-06-01: Vulnerability discovered > > 2023-06-05: Vulnerability reported to manufacturer > > 2023-09-11: Patch rollout by manufacturer to affected devices > > 2023-11-01: Public disclosure of vulnerability > > > > ************************************************************************ > > > > Researcher: > > Ph0s[4], R0ckE7 > > > > ************************************************************************ > > > > Disclaimer: > > > > The information provided in this security advisory is provided "as is" > > and without warranty of any kind. Details of this security advisory may > > be updated in order to provide as accurate information as possible. > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > Copyright: > > > > Creative Commons - Attribution (by) - Version 4.0 > > URL: https://creativecommons.org/licenses/by/4.0/deed.en > > _______________________________________________ > > Sent through the Full Disclosure mailing list > > https://nmap.org/mailman/listinfo/fulldisclosure > > Web Archives & RSS: https://seclists.org/fulldisclosure/ Download attachment "publickey - Phos4Me@...ton.me - 0x3F4F673D.asc" of type "application/pgp-keys" (641 bytes) Download attachment "signature.asc" of type "application/pgp-signature" (250 bytes) _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists