Researchers at Forescout have found that around 35,000 solar power systems are exposed to the internet and potentially vulnerable to remote attacks, with over 12,000 of these being SMA devices. Many of these exposed management interfaces belong to products from manufacturers like Fronius, Solare Datensysteme, Contec, Sungrow, Kostal, Kaco, Growatt, and Sinapsi. Although exposure doesn’t automatically mean the devices are hackable, vulnerabilities in some—like SolarView Compact, which has three known flaws exploited in the wild—put them at risk. Forescout warns that while these devices may not directly threaten the grid as much as those managed via cloud platforms, they could still serve as entry points into sensitive networks. Vendors encourage ensuring that these devices are not exposed to the web.

‍