You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
pvs6
About this tag
The PVS6 tag on WindowsForum.com covers discussions about the SunPower PVS6 solar inverter, specifically a critical Bluetooth Low Energy vulnerability tracked as CVE-2025-9696. This flaw, rated 9.4 CVSS, involves hard-coded encryption parameters and exposed protocol details that allow attackers within Bluetooth range to gain full servicing access. Affected firmware versions include 2025.06 build 61839 and prior. Potential impacts include firmware replacement, disabling power production, creating SSH tunnels, and altering firewall or grid settings. The content focuses on security advisories, technical details of the exploit, and implications for PVS6 fleet operators.
The SunPower PVS6 fleet has been publicly flagged as critically vulnerable after CISA published an advisory (ICSA-25-245-03) describing a Bluetooth Low Energy (BluetoothLE) servicing interface that embeds hard‑coded encryption parameters and exposed protocol details—weaknesses that let an...