CVE-2025-52586 Information
Aug 09, 2025
cve
Description
The MOD3 command traffic between the monitoring application and the inverter is transmitted in plaintext without encryption or obfuscation. This vulnerability may allow an attacker with access to a local network to intercept manipulate replay or forge critical data including read/write operations for voltage current and power configuration operational status alarms telemetry system reset or inverter control commands potentially disrupting power generation or reconfiguring inverter settings.
Reference
https://eg4electronics.com/contact/ https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-07
Related CNNVD
CNNVD-202508-764 (Published: 2025-08-08)
Share on: