According to a report published by the Austrian firm CyberDanube, the affected equipment includes Solar-Log inverters and gateways, used by both individuals and professional operators.
Zero-day strikes again
These vulnerabilities allow a remote attacker to take control of equipment without requiring authentication. The flaws in question are zero-day, meaning they were not known to the manufacturer before their disclosure. By exploiting these breaches, a hacker could not only disrupt the operation of the installation, but also access sensitive information, divert electricity production, or sabotage exchanges with the grid.
What particularly worries experts is the volume of exposed systems and their growing role in the energy balance. With the rise of self-consumption and smart grids, many homes and businesses rely on these devices to manage the production, storage, and redistribution of green electricity. A coordinated attack could therefore have a much broader impact than a simple isolated outage.
Contacted by several media outlets, Solar-Log acknowledged the existence of vulnerabilities and stated that it is actively working on releasing security patches. In the meantime, users are advised to disable remote access to their gateway, check their firmware version, and monitor any abnormal behavior of their solar installation. Some experts even recommend temporarily disconnecting devices from the internet, especially if they are publicly accessible via an IP address.
In France, the exact number of affected homes is still unknown, but Solar-Log equipment is present on the market, including in kits installed by professionals or available for sale online. The ANSSI (National Agency for Information Systems Security) has not yet issued an official statement, but guidelines could be published in the coming days.
This case highlights a reality that is still insufficiently considered: the cybersecurity of energy equipment remains a weak link in the ecological transition. While solar panels, charging stations, and home batteries are becoming increasingly connected, their security does not always keep pace with their mass adoption. This is a major challenge for the years to come.
0 Comments