Contec Solar Power Product Vulnerability Exploited, Exposing Energy Organizations
Take action: If you are using Contec's SolarView, either update it to release version 8.0 or, if you can't update it (no license or too risky), isolate it from any public access and allow access only over VPN.
Contec's SolarView solar power monitoring product is being actively exploited by malicious actors, potentially exposing hundreds of energy organizations to attacks.
Contec specializes in embedded computing, industrial automation, and IoT communication technology. Their SolarView product is utilized in over 30,000 power stations.
Palo Alto Networks recently reported that a variant of the Mirai botnet has been exploiting the vulnerability, identified as CVE-2022-29303, to compromise devices.
The flaw, which allows remote code injection, affects SolarView version 6.0, with versions as old as 4.0 also being impacted.
The security issue was only patched with the release of version 8.0.
A Shodan search reveals over 600 internet-exposed SolarView systems, including more than 400 running vulnerable versions.
The immediate impact may be limited to loss of monitoring capabilities, but the consequences could be severe if the compromised hardware is part of a solar power generation site and the loss of monitoring causes breakdowns or uncontrolled power conditions in the power generation components.
Security researchers have also noted that other SolarView vulnerabilities, such as CVE-2023-23333 and CVE-2022-44354, are potential targets for exploitation by malicious actors.