OTPulse

Sinapsi eSolar Light Plaintext Passwords Vulnerability

Low Risk | ICS-CERT ICSA-15-160-02 | Mar 12, 2015
Summary

Sinapsi eSolar Light stores passwords in plaintext, allowing attackers with access to configuration files or the system to obtain credentials used for system authentication and control.

What this means
What could happen
An attacker who gains access to the system files could retrieve plaintext passwords, potentially allowing unauthorized access to solar power generation controls and monitoring systems.
Who's at risk
Solar power plant operators using Sinapsi eSolar Light for generation monitoring and control should be concerned. This affects facilities relying on this system for real-time visibility and command authority over photovoltaic arrays and inverters.
How it could be exploited
An attacker with local file system access (via physical access, compromised workstation, or network-based file service exposure) can read configuration files containing plaintext passwords and use them to authenticate to the eSolar Light interface or other integrated systems.
Prerequisites
  • Local or network-based file system access to the eSolar Light system
  • Ability to locate and read configuration files
  • Knowledge of which credentials are stored in plaintext
no patch available | plaintext credential storage | affects control system access
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
Sinapsi eSolar Light: <2.0.3970_schsl_2.2.85. | <2.0.3970 schsl 2.2.85. | No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Restrict file system access to the eSolar Light system through filesystem permissions and access controls
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HARDENING: Regularly audit file access logs for the eSolar Light system to detect unauthorized configuration file reads
Mitigations - no patch available
Sinapsi eSolar Light: <2.0.3970_schsl_2.2.85. has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Isolate the eSolar Light system on a restricted network segment with limited access from engineering workstations and administrative systems
HARDENING: Implement host-based intrusion detection or file integrity monitoring to alert on unauthorized access to configuration files