1. EXECUTIVE SUMMARY
- CVSS v4 9.4
- ATTENTION: Exploitable from an adjacent network/low attack complexity
- Vendor: SunPower
- Equipment: PVS6
- Vulnerability: Use of Hard-Coded Credentials
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow attackers to gain full access to the device, enabling them to replace firmware, modify settings, disable the device, create SSH tunnels, and manipulate attached devices.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of SunPower PVS6 are affected:
- PVS6: Versions 2025.06 build 61839 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 USE OF HARD-CODED CREDENTIALS CWE-798
The SunPower PVS6’s BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device’s servicing interface. This access allows the attacker to perform actions such as firmware replacement, disabling power production, modifying grid settings, creating SSH tunnels, altering firewall settings, and manipulating connected devices.
CVE-2025-9696 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.6 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-9696. A base score of 9.4 has been calculated; the CVSS vector string is (AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: