PT-2024-22564 · Solaredge · Mysolaredge

Tobias Jäger · Published 2024-03-21 · Updated 2024-08-28 · CVE-2024-28756

CVSS v3.1: 5.9 (Medium)

Vector: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions

SolarEdge mySolarEdge application for Android, versions prior to 2.20.1

Description

The issue is a certificate verification problem that allows a machine-in-the-middle (MitM) attacker to read and alter all network traffic between the application and the server. This could potentially expose sensitive information.

Recommendations

For versions prior to 2.20.1, update to version 2.20.1 or later to resolve the issue. As a temporary workaround, consider restricting network access to trusted sources to minimize the risk of exploitation.

Out of bounds Read

Weakness Enumeration

Related Identifiers

CVE-2024-28756

Affected Products

Mysolaredge