← Back to home
ICSA-23-171-02  ·  Published 2023-06-20  ·  View on CISA ICS-CERT ↗

Enphase Installer Toolkit Android App

CVSS 8.6 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow sensitive information to be obtained by an attacker using hard-coded credentials.

CVEs (1)

Remediations

  • Enphase Energy has not responded to requests to work with CISA to mitigate this vulnerability. Users of the affected products are encouraged to contact Enphase Energy support for additional information.

Affected Vendors

Enphase

Affected Products (1)

Enphase · Installer Toolkit <= 3.27.0

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more