ICSA-25-105-04 · Published 2025-05-06
Growatt Cloud Applications
CVSS 9.8 (CRITICAL)
Risk Summary
Successful exploitation of these vulnerabilities could allow an attacker to compromise confidentiality, achieve cross-site scripting, or execute code on affected devices.
CVEs (30)
CVE-2025-30511
CVE-2025-31933
CVE-2025-31949
CVE-2025-31357
CVE-2025-31941
CVE-2025-24487
CVE-2025-27568
CVE-2025-30254
CVE-2025-27939
CVE-2025-27938
CVE-2025-30514
CVE-2025-31654
CVE-2025-27719
CVE-2025-26857
CVE-2025-31945
CVE-2025-31950
CVE-2025-27575
CVE-2025-27565
CVE-2025-25276
CVE-2025-24850
CVE-2025-30510
CVE-2025-24297
CVE-2025-27927
CVE-2025-30512
CVE-2025-31360
CVE-2025-31147
CVE-2025-30257
CVE-2025-27561
CVE-2025-24315
CVE-2025-27929
Remediations
- Growatt reports that the cloud-based vulnerabilities were patched and that no user action is needed. Additionally, Growatt strongly recommends that its users take proactive steps to secure their devices and take the following actions:
- Update all devices to the latest firmware version when available. (Updates are automatic, no user action needed.)
- Use strong passwords and enable multi-factor authentication where applicable.
- Report any security concerns to [email protected].
- Stay vigilant. Users and installers should regularly review security settings, follow best practices, and report any unusual activity.
Affected Vendors
Growatt
Affected Products (1)
Growatt · Growatt cloud portal <=3.6.0
Affected Sectors
Energy