CVE-2017-9857 : An issue was discovered in SMA Solar Technology products. The SMAdata2+ communic

An issue was discovered in SMA Solar Technology products. The SMAdata2+ communication protocol does not properly use authentication with encryption: it is vulnerable to man in the middle, packet injection, and replay attacks. Any setting change, authentication packet, scouting packet, etc. can be replayed, injected, or used for a man in the middle session. All functionalities available in Sunny Explorer can effectively be done from anywhere within the network as long as an attacker gets the packet setup correctly. This includes the authentication process for all (including hidden) access levels and the changing of settings in accordance with the gained access rights. Furthermore, because the SMAdata2+ communication channel is unencrypted, an attacker capable of understanding the protocol can eavesdrop on communications. NOTE: the vendor's position is that authentication with encryption is not required on an isolated subnetwork. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected

Published 2017-08-05 17:29:01

Updated 2024-08-05 18:15:30

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2017-9857

SMA » Sunny Boy 3600 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 3600 » Version: N/A
SMA » Sunny Boy 5000 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 5000 » Version: N/A
SMA » Sunny Tripower Core1 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Tripower Core1 » Version: N/A
SMA » Sunny Tripower 15000tl Firmware » Version: N/A
cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Tripower 15000tl » Version: N/A
SMA » Sunny Tripower 20000tl Firmware » Version: N/A
cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Tripower 20000tl » Version: N/A
SMA » Sunny Tripower 25000tl Firmware » Version: N/A
cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Tripower 25000tl » Version: N/A
SMA » Sunny Tripower 5000tl Firmware » Version: N/A
cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Tripower 5000tl » Version: N/A
SMA » Sunny Tripower 12000tl Firmware » Version: N/A
cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Tripower 12000tl » Version: N/A
SMA » Sunny Tripower 60 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Tripower 60 » Version: N/A
SMA » Sunny Boy 3000tl Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 3000tl » Version: N/A
SMA » Sunny Boy 3600tl Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 3600tl » Version: N/A
SMA » Sunny Boy 4000tl Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 4000tl » Version: N/A
SMA » Sunny Boy 5000tl Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 5000tl » Version: N/A
SMA » Sunny Boy 1.5 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 1.5 » Version: N/A
SMA » Sunny Boy 2.5 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 2.5 » Version: N/A
SMA » Sunny Boy 3.0 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 3.0 » Version: N/A
SMA » Sunny Boy 3.6 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 3.6 » Version: N/A
SMA » Sunny Boy 4.0 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 4.0 » Version: N/A
SMA » Sunny Boy 5.0 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy 5.0 » Version: N/A
SMA » Sunny Central 2200 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central 2200 » Version: N/A
SMA » Sunny Central 1000cp Xt Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central 1000cp Xt » Version: N/A
SMA » Sunny Central 800cp Xt Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central 800cp Xt » Version: N/A
SMA » Sunny Central 850cp Xt Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central 850cp Xt » Version: N/A
SMA » Sunny Central 900cp Xt Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central 900cp Xt » Version: N/A
SMA » Sunny Central 500cp Xt Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central 500cp Xt » Version: N/A
SMA » Sunny Central 630cp Xt Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central 630cp Xt » Version: N/A
SMA » Sunny Central 720cp Xt Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central 720cp Xt » Version: N/A
SMA » Sunny Central 760cp Xt Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central 760cp Xt » Version: N/A
SMA » Sunny Central Storage 500 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central Storage 500 » Version: N/A
SMA » Sunny Central Storage 630 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central Storage 630 » Version: N/A
SMA » Sunny Central Storage 720 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central Storage 720 » Version: N/A
SMA » Sunny Central Storage 760 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central Storage 760 » Version: N/A
SMA » Sunny Central Storage 800 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central Storage 800 » Version: N/A
SMA » Sunny Central Storage 850 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central Storage 850 » Version: N/A
SMA » Sunny Central Storage 900 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central Storage 900 » Version: N/A
SMA » Sunny Central Storage 1000 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central Storage 1000 » Version: N/A
SMA » Sunny Central Storage 2200 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central Storage 2200 » Version: N/A
SMA » Sunny Central Storage 2500-ev Firmware » Version: N/A
cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Central Storage 2500-ev » Version: N/A
SMA » Sunny Boy Storage 2.5 Firmware » Version: N/A
cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: SMA » Sunny Boy Storage 2.5 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2017-9857

EPSS FAQ

0.12%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 28 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-9857

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
8.1	HIGH	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-9857

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-9857

https://horusscenario.com/CVE-information/

CVE-Information – Horus Scenario
Third Party Advisory

CVEs referencing this url
http://www.sma.de/en/statement-on-cyber-security.html

Statement on Cyber Security

CVEs referencing this url
http://www.sma.de/fileadmin/content/global/specials/documents/cyber-security/Whitepaper-Cyber-Security-AEN1732_07.pdf

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2017-9857

Products affected by CVE-2017-9857

Exploit prediction scoring system (EPSS) score for CVE-2017-9857

CVSS scores for CVE-2017-9857

CWE ids for CVE-2017-9857

References for CVE-2017-9857