all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Active Exploitation of SolarView Compact Command Injection Vulnerabilities (CVE-2022-40881, CVE-2022-29303)

Add to bookmarks
July 7, 2023, 6:38 a.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

What is SolarView Compact?



SolarView Compact is a photovoltaic (PV) power generation measurement and monitoring device developed by Contec.







What is the Attack?

CVE-2022-29303 is a command injection vulnerability in SolarView Compact that allows attackers to steal or modify information, destroy the system, or execute malicious programs by entering commands from the test email transmission screen.
CVE-2022-40881 is a command injection vulnerability in SolarView Compat that allows attackers to steal or modify information, destroy the system, or execute malicious programs …

attack attackers command command injection contec cve cve-2022-29303 destroy device exploitation information injection malicious measurement monitoring power solarview steal system vulnerabilities vulnerability what is

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 20 hours ago | fortiguard.fortinet.com
attackers attacks cisa cisa known exploited vulnerabilities +27
ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 6 days, 17 hours ago | fortiguard.fortinet.com
adaptive security advisory april arcanedoor +22
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 6 days, 17 hours ago | fortiguard.fortinet.com
access advisory akira akira ransomware +17
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 2 weeks, 1 day ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 3 weeks, 6 days ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 1 month ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 1 month ago | fortiguard.fortinet.com
access application application developers attackers +31
Kimsuky Malware Attack 1 month ago | fortiguard.fortinet.com
attack cyber entities espionage +15
JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199) 1 month, 2 weeks ago | fortiguard.fortinet.com
attacker authentication authentication bypass bypass +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Researcher

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Sr. Cyber Risk Analyst

@ American Heart Association | Dallas, TX, United States
View on infosec-jobs.com

Cybersecurity Engineer 2/3

@ Scaled Composites, LLC | Mojave, CA, US
View on infosec-jobs.com

Information Security Operations Manager

@ DP World | Charlotte, NC, United States
View on infosec-jobs.com

Sr Cyber Security Engineer I

@ Staples | Framingham, MA, United States
View on infosec-jobs.com

Security Engineer - Heartland (Remote)

@ GuidePoint Security LLC | Remote in the US
View on infosec-jobs.com
View more jobs