CVE-2025-36744

Summary

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information.

Affected Software

VendorProductVersion RangeStatus
SolarEdgeSE3680H4.0 < 4.22affected

Weaknesses

  • CWE-1295: Debug Messages Revealing Unnecessary Information

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References