![How to Use AI as a Productivity Tool with Mike Kaput [MAICON 2025 Speaker Series]](https://www.marketingaiinstitute.com/hubfs/v2MAICON-Speaker_Series.png)
![[The AI Show Episode 152]: ChatGPT Connectors, AI-Human Relationships, New AI Job Data, OpenAI Court-Ordered to Keep ChatGPT Logs & WPP’s Large Marketing Model](https://www.marketingaiinstitute.com/hubfs/ep%20152%20cover.png)
![[FREE EBOOKS] Natural Language Processing with Python, Microsoft 365 Copilot At Work & Four More Best Selling Titles](https://www.javacodegeeks.com/wp-content/uploads/2012/12/jcg-logo.jpg){kind=logo}
.jpg?width=1920&height=1920&fit=bounds&quality=70&format=jpg&auto=webp#)
_Andreas_Prott_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
_designer491_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![The new Google TV setup process is impressively fast and easy [Gallery]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2025/06/Google-TV-logo.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1){kind=logo}
![Apple’s latest CarPlay update revives something Android Auto did right 10 years ago [Gallery]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2025/06/carplay-live-activities-1.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1)
![3DMark Launches Native Benchmark App for macOS [Video]](https://www.iclarified.com/images/news/97603/97603/97603-640.jpg)
![Craig Federighi: Putting macOS on iPad Would 'Lose What Makes iPad iPad' [Video]](https://www.iclarified.com/images/news/97606/97606/97606-640.jpg)
35,000 solar PV devices hit by dozens of vulnerabilities and weaknesses: is yours one of them?
Forescout finds outdated and internet-exposed solar devices are vulnerable to attack, and urges stricter security.
- Forescout report finds many vulnerable solar devices run outdated firmware with known exploits active in the wild
- Europe holds 76% of all exposed solar power devices, with Germany and Greece particularly at risk
- SolarView Compact exposure jumped 350% in two years, and it's already linked to cybercrime
The rapid growth of solar energy adoption worldwide has sparked renewed concerns about cybersecurity vulnerabilities within solar infrastructure.
A study by Forescout’s Vedere Labs found nearly 35,000 solar power devices, including inverters, data loggers, and gateways, are exposed to the internet, making them susceptible to exploitation.
These findings follow a previous report by Forescout which identified 46 vulnerabilities in solar power systems.
High exposure and geopolitical implications
What’s particularly alarming now is that many of these devices remain unpatched, even as cyber threats grow more sophisticated.
Ironically, vendors with the highest number of exposed devices aren’t necessarily those with the largest global installations, suggesting issues such as poor default security configurations, insufficient user guidance, or unsafe manual settings.
Forescout found Europe accounts for a staggering 76% of all exposed devices, with Germany and Greece most affected.
While an internet-exposed solar system isn’t automatically vulnerable, it becomes a soft target for cybercriminals. For example, the SolarView Compact device experienced a 350% increase in online exposure over two years and was implicated in a 2024 cyber incident involving bank account theft in Japan.
Concerns around solar infrastructure deepened when Reuters reported rogue communication modules in Chinese-manufactured inverters.
Although not tied to a specific attack, the discovery prompted several governments to reevaluate the security of their energy systems.
According to Forescout, insecure configurations are common, and many devices still run outdated firmware versions. Some are known to have vulnerabilities currently under active exploitation.
Devices like the discontinued SMA Sunny WebBox still account for a significant share of exposed systems.
This is not just a matter of faulty products, it reflects a system-wide risk. While individually limited in impact, these internet-exposed devices may serve as entry points into critical infrastructure.
To mitigate risk, organizations should retire devices that cannot be patched and avoid exposing management interfaces to the internet.
For remote access, secure solutions such as VPNs, along with adherence to CISA and NIST guidelines, are essential.
Additionally, a layered approach using top-rated antivirus tools, endpoint protection solutions, and especially Zero Trust Network Access (ZTNA) architecture may be necessary to keep critical systems insulated from intrusion.
You might also like
- Experts warn GTA and Minecraft being used to lure in cyberattack victims
- These are the best green web hosting providers
- We’ve rounded up a list of the best web hosting providers
