← Retour aux CVEs
CVE-2025-36753
CRITICAL9.8
Description
The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device
Details CVE
Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie12/13/2025
Derniere modification1/14/2026
Sourcenvd
Observations honeypot0
Produits affectes
growatt:shine_lan-xgrowatt:shine_lan-x_firmware
Faiblesses (CWE)
CWE-290
References
https://csirt.divd.nl/CVE-2025-36753/(csirt@divd.nl)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.