CVE-2024-8893

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Feb 14, 2025

CWE ID 798

Summary

CVE-2024-8893 is a vulnerability affecting the GoodWe Technologies Co., Ltd. GW1500-XS inverter model 1.1.2.1. This issue involves the usage of hard-coded credentials, enabling anyone within physical range of the device to gain unauthorized access to the inverter's web interface via Wi-Fi. Consequently, attackers can potentially manipulate settings or steal sensitive information, posing a significant risk to the security of the renewable energy system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/yrcZpS
https://www.cve.org/CVERecord?id=CVE-2024-8893
https://nvd.nist.gov/vuln/detail/CVE-2024-8893

Back to Vulnerability Database

CVE-2024-8893

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations