Authentication Bypass Vulnerability in Enphase Envoy Devices by Enphase Energy
CVE-2020-25753
9.8 CRITICAL
What is CVE-2020-25753?
Enphase Envoy R3.x and D4.x devices running software version 3.x use a default admin password that is derived from the last six digits of the device serial number. The serial number is returned to unauthenticated users by the /info.xml endpoint. An attacker who obtains the serial number this way can work out the default admin password and gain unauthorized access to the system, compromising the security and functionality of the device.
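Because the serial number leaks through /info.xml, successful reads of that endpoint from outside the management network are worth alerting on. The following is an added example, not code from Enphase or the CVE record: it assumes the Envoy sits behind a proxy or firewall that writes Common Log Format lines, and the allowed subnet, the sample log lines and the function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumption: only hosts in this management subnet should query the Envoy.
ALLOWED_NETS = [ipaddress.ip_network("192.168.10.0/28")]

# Common Log Format: host ident user [time] "METHOD path proto" status size
CLF = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample log (documentation address ranges, invented timestamps).
SAMPLE_LOG = """\
192.168.10.5 - - [12/Oct/2020:09:14:02 +0000] "GET /info.xml HTTP/1.1" 200 1184
203.0.113.77 - - [12/Oct/2020:09:15:40 +0000] "GET /info.xml HTTP/1.1" 200 1184
203.0.113.77 - - [12/Oct/2020:09:15:41 +0000] "GET /home HTTP/1.1" 200 5120
198.51.100.9 - - [12/Oct/2020:09:20:11 +0000] "GET /info.xml?x=1 HTTP/1.1" 200 1184
198.51.100.9 - - [12/Oct/2020:09:20:15 +0000] "GET /info.xml HTTP/1.1" 404 0
garbage line that does not parse
"""


def is_allowed(src):
    """True if src is an IP address inside one of the allowed networks."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # hostname or junk in the source field: treat as untrusted
    return any(addr in net for net in ALLOWED_NETS)


def serial_disclosures(log_text):
    """Count successful /info.xml reads per source outside ALLOWED_NETS."""
    hits = Counter()
    for line in log_text.splitlines():
        m = CLF.match(line)
        if not m:
            continue  # skip lines that are not in Common Log Format
        path = m["path"].split("?", 1)[0]  # ignore any query string
        if path != "/info.xml" or not m["status"].startswith("2"):
            continue  # only 2xx responses actually returned the serial number
        if not is_allowed(m["src"]):
            hits[m["src"]] += 1
    return hits


if __name__ == "__main__":
    for src, count in serial_disclosures(SAMPLE_LOG).items():
        print(f"{src}: {count} successful /info.xml read(s) from outside the allowed networks")
```

Every source this reports has received the device serial number, so on an affected device its default admin password should be treated as known to that source.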
