Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2017-9855
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-05 Aug, 2017 | 17:29
Updated At-20 Apr, 2025 | 01:37

An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for Installers called the Grid Guard system. This system uses predictable codes, and a single Grid Guard code can be used on any SMA inverter. Any such code, when combined with the installer account, allows changing very sensitive parameters. NOTE: the vendor reports that Grid Guard is not an authentication feature; it is only a tracing feature. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
sma
sma
>>sunny_boy_3600_firmware>>-
cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_3600>>-
cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_5000_firmware>>-
cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_5000>>-
cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_core1_firmware>>-
cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_core1>>-
cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_15000tl_firmware>>-
cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_15000tl>>-
cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_20000tl_firmware>>-
cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_20000tl>>-
cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_25000tl_firmware>>-
cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_25000tl>>-
cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_5000tl_firmware>>-
cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_5000tl>>-
cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_12000tl_firmware>>-
cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_12000tl>>-
cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_60_firmware>>-
cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_tripower_60>>-
cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_3000tl_firmware>>-
cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_3000tl>>-
cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_3600tl_firmware>>-
cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_3600tl>>-
cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_4000tl_firmware>>-
cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_4000tl>>-
cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_5000tl_firmware>>-
cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_5000tl>>-
cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_1.5_firmware>>-
cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_1.5>>-
cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_2.5_firmware>>-
cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_2.5>>-
cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_3.0_firmware>>-
cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_3.0>>-
cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_3.6_firmware>>-
cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_3.6>>-
cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_4.0_firmware>>-
cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_4.0>>-
cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_5.0_firmware>>-
cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_boy_5.0>>-
cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_2200_firmware>>-
cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_2200>>-
cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_1000cp_xt_firmware>>-
cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_1000cp_xt>>-
cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_800cp_xt_firmware>>-
cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_800cp_xt>>-
cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_850cp_xt_firmware>>-
cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_850cp_xt>>-
cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_900cp_xt_firmware>>-
cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_900cp_xt>>-
cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_500cp_xt_firmware>>-
cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*
sma
sma
>>sunny_central_500cp_xt>>-
cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-863Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.sma.de/en/statement-on-cyber-security.htmlcve@mitre.org
N/A
http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdfcve@mitre.org
N/A
https://horusscenario.com/CVE-information/cve@mitre.org
Third Party Advisory
http://www.sma.de/en/statement-on-cyber-security.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdfaf854a3a-2127-422b-91ae-364da2661108
N/A
https://horusscenario.com/CVE-information/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Change History
0Changes found
Details not found