Browse all 4 CVE security advisories affecting SolarEdge. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SolarEdge develops solar power optimization and monitoring systems for residential and commercial installations. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from web interfaces and communication protocols. The company has addressed security issues through firmware updates, though some flaws remained exploitable before patches. SolarEdge's systems, being internet-connected, present potential attack surfaces for threat actors targeting critical infrastructure. While no major public security incidents have been widely reported, the presence of multiple CVEs indicates ongoing security challenges in their IoT ecosystem, emphasizing the need for robust patch management and network segmentation for deployed solutions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-36743 | SolarEdge SE3680H - Exposed Debug interface — SE3680H | 9.8AI | CriticalAI | 2025-12-12 |
| CVE-2025-36746 | SolarEdge Monitoring Platform contains a XSS upon report deletion — SolarEdge Monitoring platform (SaaS) | 5.4AI | MediumAI | 2025-12-12 |
| CVE-2025-36745 | SolarEdge SE3680H contains Linux Kernel vulnerabilities — SE3680H | 8.8AI | HighAI | 2025-12-12 |
| CVE-2025-36744 | SolarEdge SE3680H - Information Exposure during Bootloader Loop — SE3680H | 7.5AI | HighAI | 2025-12-12 |
This page lists every published CVE security advisory associated with SolarEdge. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.