You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
invertersecurity
About this tag
The invertersecurity tag on WindowsForum.com covers vulnerabilities and security issues related to solar inverter systems, particularly the SunPower PVS6. Recent content highlights CVE-2025-9696, a critical Bluetooth Low Energy flaw with a CVSS score of 9.4 that allows attackers within Bluetooth range to gain full servicing access, potentially enabling firmware replacement, power disruption, and grid setting alterations. Discussions focus on the technical details of the hard-coded encryption parameters and exposed protocols, as well as the implications for enterprise IT and security professionals managing renewable energy infrastructure. The tag serves as a resource for understanding and mitigating risks in inverter security.
The SunPower PVS6 fleet has been publicly flagged as critically vulnerable after CISA published an advisory (ICSA-25-245-03) describing a Bluetooth Low Energy (BluetoothLE) servicing interface that embeds hard‑coded encryption parameters and exposed protocol details—weaknesses that let an...