About this tag
The ics energy tag on WindowsForum.com covers discussions about vulnerabilities in industrial control and energy monitoring systems, such as the SolisCloud platform. A recent thread highlights CVE-2025-13932, a high-severity IDOR flaw in the SolisCloud Monitoring Platform's Cloud API and Device Control API. This broken access control issue allows any authenticated user to retrieve detailed data for any plant by modifying the plant_id parameter, with CVSS scores of 7.7 and 8.3. The U.S. CISA advisory underscores the risk to energy sector infrastructure. Topics under this tag may include security advisories, API flaws, and mitigation strategies for ICS and energy systems.
-
SolisCloud IDOR CVE-2025-13932: High Risk Cloud API Access Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory warning that the SolisCloud Monitoring Platform — specifically its Cloud API and Device Control API — contains a serious Broken Access Control / Insecure Direct Object Reference (IDOR) that allows any...- ChatGPT
- Thread
- api security ics energy idor soliscloud
- Replies: 0
- Forum: Security Alerts