Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2017-9855
PUBLISHED
More InfoOfficial Page
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
View Known Exploited Vulnerability (KEV) details
Published At-05 Aug, 2017 | 17:00
Updated At-29 Oct, 2024 | 13:57
Rejected At-
â–¼CVE Numbering Authority (CNA)

An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for Installers called the Grid Guard system. This system uses predictable codes, and a single Grid Guard code can be used on any SMA inverter. Any such code, when combined with the installer account, allows changing very sensitive parameters. NOTE: the vendor reports that Grid Guard is not an authentication feature; it is only a tracing feature. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.sma.de/en/statement-on-cyber-security.html
x_refsource_MISC
https://horusscenario.com/CVE-information/
x_refsource_MISC
http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf
x_refsource_MISC
Hyperlink: http://www.sma.de/en/statement-on-cyber-security.html
Resource:
x_refsource_MISC
Hyperlink: https://horusscenario.com/CVE-information/
Resource:
x_refsource_MISC
Hyperlink: http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf
Resource:
x_refsource_MISC
â–¼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
sma
Product
sunny_boy_3600_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_5000_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_tripower_core1_firmware
CPEs
  • cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_tripower_15000tl_firmware
CPEs
  • cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_tripower_20000tl_firmware
CPEs
  • cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_tripower_25000tl_firmware
CPEs
  • cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_tripower_5000tl_firmware
CPEs
  • cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_tripower_12000tl_firmware
CPEs
  • cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_tripower_60_firmware
CPEs
  • cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_3000tl_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_3600tl_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_4000tl_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_5000tl_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_1.5_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_2.5_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_3.0_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_3.6_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_4.0_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_5.0_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_2200_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_1000cp_xt_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_800cp_xt_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_850cp_xt_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_900cp_xt_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_500cp_xt_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_630cp_xt_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_720cp_xt_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_760cp_xt_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_storage_500_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_storage_630_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_storage_720_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_storage_760_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_storage_800_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_storage_850_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_storage_900_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_storage_1000_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_storage_2200_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_central_storage_2500-ev_firmware
CPEs
  • cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Vendor
sma
Product
sunny_boy_storage_2.5_firmware
CPEs
  • cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • -
Problem Types
TypeCWE IDDescription
CWECWE-863CWE-863 Incorrect Authorization
Type: CWE
CWE ID: CWE-863
Description: CWE-863 Incorrect Authorization
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.sma.de/en/statement-on-cyber-security.html
x_refsource_MISC
x_transferred
https://horusscenario.com/CVE-information/
x_refsource_MISC
x_transferred
http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf
x_refsource_MISC
x_transferred
Hyperlink: http://www.sma.de/en/statement-on-cyber-security.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://horusscenario.com/CVE-information/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf
Resource:
x_refsource_MISC
x_transferred
Details not found