Vulnerabilities > CVE-2017-9864 - Unspecified vulnerability in SMA products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

sma

NVD

Published: 2017-08-05

Updated: 2024-04-11

Summary

An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not authenticated in any way. This changes the system time, possibly affecting lockout policies and random-number generators based on timestamps, and makes timestamps for data analysis unreliable. NOTE: the vendor reports that this is largely irrelevant because it only affects log-entry timestamps, and because the plant time would later be reset via NTP. (It has never been the case that a lockout policy or random-number generator was affected.) Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected

Vulnerable Configurations

Part	Description	Count
OS	Sma SMA Sunny BOY 3600 Firmware - SMA Sunny BOY 5000 Firmware - SMA Sunny Tripower Core1 Firmware - SMA Sunny Tripower 15000Tl Firmware - SMA Sunny Tripower 20000Tl Firmware - SMA Sunny Tripower 25000Tl Firmware - SMA Sunny Tripower 5000Tl Firmware - SMA Sunny Tripower 12000Tl Firmware - SMA Sunny Tripower 60 Firmware - SMA Sunny BOY 3000Tl Firmware - SMA Sunny BOY 3600Tl Firmware - SMA Sunny BOY 4000Tl Firmware - SMA Sunny BOY 5000Tl Firmware - SMA Sunny BOY 1.5 Firmware - SMA Sunny BOY 2.5 Firmware - SMA Sunny BOY 3.0 Firmware - SMA Sunny BOY 3.6 Firmware - SMA Sunny BOY 4.0 Firmware - SMA Sunny BOY 5.0 Firmware - SMA Sunny Central 2200 Firmware - SMA Sunny Central 1000Cp XT Firmware - SMA Sunny Central 800Cp XT Firmware - SMA Sunny Central 850Cp XT Firmware - SMA Sunny Central 900Cp XT Firmware - SMA Sunny Central 500Cp XT Firmware - SMA Sunny Central 630Cp XT Firmware - SMA Sunny Central 720Cp XT Firmware - SMA Sunny Central 760Cp XT Firmware - SMA Sunny Central Storage 500 Firmware - SMA Sunny Central Storage 630 Firmware - SMA Sunny Central Storage 720 Firmware - SMA Sunny Central Storage 760 Firmware - SMA Sunny Central Storage 800 Firmware - SMA Sunny Central Storage 850 Firmware - SMA Sunny Central Storage 900 Firmware - SMA Sunny Central Storage 1000 Firmware - SMA Sunny Central Storage 2200 Firmware - SMA Sunny Central Storage 2500 EV Firmware - SMA Sunny BOY Storage 2.5 Firmware -	39
Hardware	Sma SMA Sunny BOY 3600 - SMA Sunny BOY 5000 - SMA Sunny Tripower Core1 - SMA Sunny Tripower 15000Tl - SMA Sunny Tripower 20000Tl - SMA Sunny Tripower 25000Tl - SMA Sunny Tripower 5000Tl - SMA Sunny Tripower 12000Tl - SMA Sunny Tripower 60 - SMA Sunny BOY 3000Tl - SMA Sunny BOY 3600Tl - SMA Sunny BOY 4000Tl - SMA Sunny BOY 5000Tl - SMA Sunny BOY 1.5 - SMA Sunny BOY 2.5 - SMA Sunny BOY 3.0 - SMA Sunny BOY 3.6 - SMA Sunny BOY 4.0 - SMA Sunny BOY 5.0 - SMA Sunny Central 2200 - SMA Sunny Central 1000Cp XT - SMA Sunny Central 800Cp XT - SMA Sunny Central 850Cp XT - SMA Sunny Central 900Cp XT - SMA Sunny Central 500Cp XT - SMA Sunny Central 630Cp XT - SMA Sunny Central 720Cp XT - SMA Sunny Central 760Cp XT - SMA Sunny Central Storage 500 - SMA Sunny Central Storage 630 - SMA Sunny Central Storage 720 - SMA Sunny Central Storage 760 - SMA Sunny Central Storage 800 - SMA Sunny Central Storage 850 - SMA Sunny Central Storage 900 - SMA Sunny Central Storage 1000 - SMA Sunny Central Storage 2200 - SMA Sunny Central Storage 2500 EV - SMA Sunny BOY Storage 2.5 -	39

Summary

Vulnerable Configurations

References