CVE-2017-9861

Name of the Vulnerable Software and Affected Versions SMA Solar Technology products, specifically Sunny Boy TLST-21, TL-21, and Sunny Tripower TL-10, TL-30

Description The SIP implementation in SMA Solar Technology products does not properly use authentication with encryption, making it vulnerable to replay attacks, packet injection attacks, and man-in-the-middle attacks. An attacker can communicate with the device from anywhere within the LAN, potentially crashing the device, stopping communication with SMA servers, exploiting known SIP vulnerabilities, or extracting sensitive information from SIP communications. Since the SIP communication channel is unencrypted, an attacker who understands the protocol can eavesdrop on communications, including extracting passwords.

Recommendations For Sunny Boy TLST-21, TL-21, and Sunny Tripower TL-10, TL-30, consider disabling SIP communication until a secure authentication mechanism with encryption is implemented to prevent replay attacks, packet injection attacks, and man-in-the-middle attacks. Restrict access to the SIP implementation to minimize the risk of exploitation. Avoid using the SIP communication channel for sensitive information exchange until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.