Skip to main content

Ingecon Sun EMS Board CVE-2026-8072

| EUVDEUVD-2026-29445 CRITICAL
Use of a Broken or Risky Cryptographic Algorithm (CWE-327)
2026-05-12 INCIBE GHSA-4h3h-6vxm-m4vr
9.2
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
9.2 CRITICAL
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
May 12, 2026 - 10:31 vuln.today
CVSS changed
May 12, 2026 - 10:22 NVD
9.2 (CRITICAL)
CVE Published
May 12, 2026 - 09:57 nvd
CRITICAL 9.2

DescriptionCVE.org

Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an attacker to carry out a privilege escalation.

AnalysisAI

Weak credential generation in Ingeteam's Ingecon Sun EMS Board Technical Support access mechanism allows remote privilege escalation via cryptographic weakness. The SAT (Technical Support) access feature generates credentials using a weak hashing algorithm instead of cryptographically secure methods, enabling attackers to predict or derive privileged access credentials. CVSS 9.2 reflects network-accessible attack with high complexity but no authentication required. INCIBE coordinated disclosure confirms vendor patch availability, and a practical analysis of the vulnerability has been published by ReverseMode, indicating detailed technical understanding exists in the research community.

Technical ContextAI

The Ingecon Sun EMS Board is an energy management system component used in solar inverter infrastructure for industrial and utility-scale photovoltaic installations. The vulnerability exists in the SAT (Soporte de Asistencia Técnica/Technical Support) access subsystem, which generates temporary or persistent credentials for remote technical support. CWE-327 (Use of a Broken or Risky Cryptographic Algorithm) indicates the credentials are derived using a deprecated or weak hashing function-likely MD5, SHA-1, or a custom algorithm without sufficient entropy-rather than modern key derivation functions like PBKDF2, bcrypt, or Argon2. The CPE identifier cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:* indicates all versions of the product may be affected unless specific version ranges are documented in vendor advisories. This represents a systemic design flaw in the authentication architecture rather than an implementation bug in a specific code path.

RemediationAI

Apply vendor-released patch documented in INCIBE advisory at https://www.incibe.es/en/incibe-cert/notices/aviso-sci/insecure-generation-sat-access-credentials-ingecon-ems-board. Patched firmware will replace the weak credential generation mechanism with cryptographically secure random number generation and key derivation functions. If immediate patching is not feasible, implement compensating controls: (1) Disable SAT remote access functionality entirely if not operationally required-consult Ingeteam documentation for feature disablement procedures, noting this prevents vendor remote support capabilities; (2) Restrict network access to the SAT interface via firewall rules permitting only specific trusted IP addresses (vendor support ranges), accepting operational burden of whitelist maintenance; (3) Deploy network segmentation placing EMS boards in isolated VLAN with IDS/IPS monitoring for anomalous authentication attempts, though this does not prevent exploitation if attacker gains network position; (4) Enable all available audit logging for SAT access attempts and integrate with SIEM for detection of credential derivation attacks. Compensating controls reduce but do not eliminate risk; patching remains the only complete mitigation.

Share

CVE-2026-8072 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy