Connect with us

Hi, what are you looking for?



Security Firm Finds Over 130k Internet-Exposed Photovoltaic Diagnostics Systems

Cyble has discovered more than 130,000 Photovoltaic monitoring and diagnostic solutions exposed to the internet.

More than 130,000 photovoltaic monitoring and diagnostic solutions are accessible from the public internet, which could make them susceptible to cyberattacks, threat intelligence firm Cyble says.

These solutions are used in the solar industry to gather real-time data on the efficiency and operations of photovoltaic installations, and are connected to the electric grid, enabling operators to manage the integration of photovoltaic systems with the grid.

Considered critical components of the systems, these monitoring and diagnostics solutions represent a wide attack surface that threat actors could target to impact grid operations.

Photovoltaic systems use IT and networking infrastructure for monitoring, control, remote diagnostics, and power management, which makes them susceptible to the same risks and types of cyberattacks that any internet-exposed critical infrastructure is prone to.

“A cyberattack on PV diagnostic and monitoring systems might have serious consequences for distributed energy resources (DER), including reduced energy production, system instability, physical asset damage, and unique cybersecurity challenges,” Cyble notes.

According to Cyble, the risks can include vulnerabilities, misconfigurations, and compromised endpoints.

The use of outdated firmware, Cyble notes, could turn monitoring solutions into easy targets for threat actors, especially since vulnerabilities in these solutions are not uncommon, and, in some cases, proof-of-concept (PoC) code targeting them has been made public.

Misconfigurations such as the use of default credentials, improper access control and network segmentation, insecure communications, and others can be exploited by threat actors to gain access to ICS environments.

Advertisement. Scroll to continue reading.

Malware-infected computers from which access credentials can be extracted, Cyble notes, represent another threat to photovoltaic monitoring solutions.

The internet-accessible photovoltaic monitoring systems, Cyble points out, are not necessarily prone to cyberattacks, but their large number does show the significant attack surface that threat actors may exploit.

Related: Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks

Related: Siemens Energy, Schneider Electric Targeted by Ransomware Group in MOVEit Attack

Related: A Russian Ransomware Gang Breaches the Energy Department and Other Federal Agencies

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.


Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...


More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.