CISA has published an advisory on a cross-site request forgery vulnerability in SMA Solar Technology AG Sunny WebBox. Versions 1.6 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to generate a denial-of-service condition, modify passwords, enable services, achieve man-in-the-middle, and modify input parameters associated with devices such as sensors. This product is end-of-life and is no longer supported, but SMA has provided recommendations for mitigating the vulnerability. CISA also recommends a series of measures for mitigating the vulnerability. Read the advisory at CISA.
You are here
Related Resources
May 29, 2025 in Cybersecurity, in Security Preparedness
May 29, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
May 29, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness