← Back to home
ICSA-25-245-03  ·  Published 2025-09-02  ·  View on CISA ICS-CERT ↗

SunPower PVS6

CVSS 9.6 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow attackers to gain full access to the device, enabling them to replace firmware, modify settings, disable the device, create SSH tunnels, and manipulate attached devices.

CVEs (1)

Remediations

  • SunPower did not respond to CISA's attempt to coordinate these vulnerabilities. Users should contact SunPower for more information.

Affected Vendors

SunPower

Affected Products (1)

SunPower · PVS6 <=2025.06_build_61839

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more