GradeZero Music Band

Monday, September 14, 2015

Sunny WebBox Fix

CVE-2015-3964: SMA Solar Technology AG Sunny WebBox (monitoring solution for medium-sized PV plants) Hardcoded Account Vulnerability is fixed. Presented at 31C3 by Alexander Timorin.

SMA did a great job to remove open Sunny WebBox from the Internet. According Shodan it only ~9,500 online now vs 80,000 in December 2014.
Looks like #SCADASOS works. You can find more shodan/google dorks for Solar and Wind Power Plants here.



No comments:

Post a Comment