CVE-2025-36743

6.8 MEDIUM

📋 TL;DR

SolarEdge SE3680H inverters have an unauthenticated debug/test interface that allows attackers to access system internals and execute debug commands. This affects all systems running vulnerable firmware versions. Attackers can potentially gain unauthorized access to sensitive information and system control.

💻 Affected Systems

Products:
  • SolarEdge SE3680H
Versions: All versions prior to patched firmware
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Affects default configurations; debug interface is enabled by default

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise, allowing attackers to manipulate inverter operations, steal sensitive data, or use the inverter as a pivot point into the broader network

🟠 Likely Case: Information disclosure of system internals and configuration data, and potential execution of limited debug commands

🟢 If Mitigated: Limited impact if the interface is properly firewalled and network segmentation prevents external access

🌐 Internet-Facing: HIGH - Directly accessible debug interface with no authentication
🏢 Internal Only: MEDIUM - Still vulnerable to internal threats but requires network access

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Direct access to debug interface requires no authentication; exploitation is straightforward

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check SolarEdge security advisory for specific version

Vendor Advisory: https://www.solaredge.com/security

Restart Required: Yes

Instructions:

1. Check SolarEdge security advisory for latest firmware
2. Download patched firmware from SolarEdge portal
3. Upload firmware to inverter via SetApp or installer portal
4. Reboot inverter to apply update

🔧 Temporary Workarounds

Network segmentation and firewall rules

Block access to debug interface ports from untrusted networks

Disable debug interface if not needed

Turn off debug/test interface functionality

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate inverters from untrusted networks
  • Deploy network monitoring to detect unauthorized access attempts to debug ports

🔍 How to Verify

Check if Vulnerable:

Attempt to access debug interface on default ports; check if accessible without authentication

Check Version:

Check inverter firmware version via SetApp or installer portal interface

Verify Fix Applied:

Verify debug interface requires authentication or is disabled; check firmware version against patched version

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to debug ports
  • Unexpected debug command execution

Network Indicators:

  • Traffic to debug interface ports from unauthorized sources
  • Unusual protocol patterns on debug ports

SIEM Query:

source_ip NOT IN (trusted_ips) AND dest_port IN (debug_ports)
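
The query above, applied to flow-log lines, as an added example that is not part of the original page or of any SolarEdge tooling. The debug port, management subnet, inverter address and log format are constructed placeholders, because the page does not name the debug ports; replace them with the values from the vendor advisory and your own network.

```python
import ipaddress

# Constructed placeholders: the page does not list the debug ports or any
# addresses. Substitute values from the vendor advisory and your asset list.
DEBUG_PORTS = {9999}                                    # placeholder port
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/28")]   # placeholder mgmt subnet
INVERTERS = {ipaddress.ip_address("10.50.1.10")}        # placeholder inverter

# Constructed sample flow records: "timestamp src_ip dst_ip dst_port action"
SAMPLE_FLOWS = """\
2025-01-01T10:00:00Z 10.20.0.5 10.50.1.10 9999 ALLOW
2025-01-01T10:01:00Z 192.168.7.44 10.50.1.10 9999 ALLOW
2025-01-01T10:02:00Z 192.168.7.44 10.50.1.10 443 ALLOW
2025-01-01T10:03:00Z 203.0.113.9 10.50.1.10 9999 DENY
malformed line
2025-01-01T10:04:00Z 192.168.7.44 10.50.1.10 9999 ALLOW
"""

def is_trusted(ip):
    """True if the source address falls inside any trusted network."""
    return any(ip in net for net in TRUSTED_NETS)

def find_debug_port_hits(text):
    """Return alerts for flows to inverter debug ports from untrusted sources."""
    alerts = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records instead of aborting the run
        ts, src, dst, port, action = parts
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            dport = int(port)
        except ValueError:
            continue  # unparsable address or port
        if dst_ip in INVERTERS and dport in DEBUG_PORTS and not is_trusted(src_ip):
            # ALLOW means the segment boundary let the flow through, so the
            # firewall workaround is not in effect for this source.
            severity = "high" if action == "ALLOW" else "info"
            alerts.append({"time": ts, "src": src, "dst": dst,
                           "port": dport, "severity": severity})
    return alerts

if __name__ == "__main__":
    for alert in find_debug_port_hits(SAMPLE_FLOWS):
        print(alert)
```

Allowed flows are raised as high severity because they show the firewall workaround is not blocking that source; denied flows are kept as informational evidence of probing.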
