These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2025-31950 is a Growatt cloud portal issue affecting versions <=3.6.0, where an unauthenticated attacker can obtain other users’ EV charger energy consumption information. CISA published the advisory on 2025-04-15 and later revised it on 2025-05-06 for typo fixes; the vendor states the cloud-based vulnerabilities were patched and no user action is needed.
CVE-2025-31949 is a medium-severity information disclosure issue in Growatt cloud portal deployments. According to CISA’s advisory, an authenticated attacker who knows a plant ID can obtain the corresponding plant name. The advisory was published on 2025-04-15 and later revised on 2025-05-06 for typo fixes, with no change to the core issue description. The affected product listed in the source is Growatt [truncated]
CVE-2025-31941 affects the Growatt cloud portal and was published by CISA on 2025-04-15, with a later revision on 2025-05-06 for typo fixes. The advisory states that an unauthenticated attacker can obtain a list of smart devices by knowing a valid username. Growatt’s remediation guidance says the cloud-based vulnerabilities were patched and that firmware updates are automatic, while also recommending stro [truncated]
CVE-2025-31360 is a Growatt cloud portal vulnerability affecting versions up to 3.6.0. According to CISA’s advisory, an unauthenticated attacker can trigger device actions associated with specific scenes for arbitrary users. Growatt reports the cloud-based vulnerabilities were patched, and updates are automatic.
CVE-2025-31357 is an unauthenticated information disclosure issue in Growatt cloud applications. According to CISA’s CSAF advisory, an attacker who knows a username can obtain that user’s plant list in Growatt cloud portal versions up to 3.6.0. The issue has a CVSS v3.1 score of 5.3 (Medium), and the supplied vector limits the impact to confidentiality. CISA’s advisory says the cloud-based vulnerabilities wer [truncated]
CVE-2025-31147 affects the Growatt cloud portal and is rated Medium (CVSS 5.3). According to CISA’s advisory, unauthenticated attackers could query information about the total energy consumed by EV chargers belonging to arbitrary users. The advisory covers Growatt cloud portal versions up to 3.6.0. Growatt states the cloud-based vulnerabilities were patched and that no user action is needed, while also re [truncated]
CVE-2025-30514 is a medium-severity information disclosure issue in Growatt cloud applications, specifically the Growatt cloud portal version 3.6.0 and earlier. According to CISA’s advisory, an unauthenticated attacker can obtain restricted information about a user’s smart device collections (“scenes”). The published CVSS v3.1 vector describes a network-reachable issue with no privileges or user interaction required, bu [truncated]
CVE-2025-30512 is a medium-severity issue in Growatt cloud portal software where unauthenticated attackers can send configuration settings to a device and may remotely trigger physical actions such as on/off control. CISA published the advisory on 2025-04-15 and later revised it on 2025-05-06 for typo fixes only. Growatt states the cloud-based vulnerabilities were patched and that no user action is needed [truncated]
CISA's advisory for Growatt cloud applications (ICSA-25-105-04) describes an authenticated stored cross-site scripting issue in the Growatt cloud portal, affecting version <=3.6.0. The flaw stems from improper sanitization of the plant name value when a user adds or edits a plant. The advisory assigns CVSS v3.1 8.8 (HIGH). Growatt states the cloud-based vulnerabilities were patched and no user action is n [truncated]
CVE-2025-30257 is a medium-severity information-disclosure issue in Growatt's cloud portal. According to CISA's advisory, unauthenticated attackers can retrieve the serial number of smart meters associated with a specific user account. Growatt states the cloud-based vulnerabilities were patched and that no user action is needed, while also recommending basic account hygiene such as strong passwords and MF [truncated]
CVE-2025-30254 is a medium-severity information disclosure issue in Growatt's cloud portal. According to the CISA advisory, an unauthenticated attacker can obtain the serial number of a smart meter by using the owner's username. Growatt states the cloud-based vulnerabilities were patched and that no user action is needed, while also recommending standard account-hygiene steps for users and installers.
CVE-2025-27939 is a high-severity account-takeover issue in the Growatt cloud portal. The advisory says an attacker can change another user's registered email address and then take over arbitrary accounts. CISA's CSAF advisory identifies the affected product as Growatt cloud portal version 3.6.0 and earlier. Growatt states the cloud-based vulnerabilities were patched and that no user action is needed, whi [truncated]
CVE-2025-27929 is a Growatt cloud portal issue documented by CISA in ICSA-25-105-04. The advisory says unauthenticated attackers could retrieve the full list of users associated with arbitrary accounts in Growatt cloud applications, affecting Growatt cloud portal versions <=3.6.0. CISA published the advisory on 2025-04-15 and later revised it on 2025-05-06 for typo fixes. Growatt states the cloud-based vu [truncated]
CVE-2025-27927 is a medium-severity information-disclosure issue in Growatt cloud applications. According to the CISA advisory, an unauthenticated attacker who knows a valid username can use an unprotected API to obtain a list of smart devices associated with that account. CISA lists Growatt cloud portal versions <=3.6.0 as affected and notes that Growatt reported the cloud-based vulnerabilities were patched.
CVE-2025-27719 is a medium-severity issue in Growatt cloud applications where an unauthenticated attacker can query an API endpoint and obtain device details. The CISA CSAF advisory was first published on 2025-04-15 and later revised on 2025-05-06 for typo fixes. The supplied advisory does not place the issue on the Known Exploited Vulnerabilities list.
CVE-2025-27575 is an unauthenticated information-disclosure issue in Growatt cloud applications. According to CISA’s advisory, an attacker who knows a charger ID can obtain EV charger version information and firmware upgrading history from the Growatt cloud portal. The advisory was first published on 2025-04-15 and later revised on 2025-05-06 for typo fixes only.
CVE-2025-27568 is a medium-severity information-disclosure issue in Growatt cloud portal versions <=3.6.0. According to the CISA advisory, an unauthenticated attacker who knows a username can trigger a password reset email and thereby learn the associated email address. Growatt states the cloud-based vulnerabilities were patched and that no user action is needed.
CVE-2025-27565 affects Growatt cloud portal versions up to 3.6.0. According to CISA’s advisory, an unauthenticated attacker who knows a user ID and room ID can delete that user’s rooms. The advisory was published on 2025-04-15 and later revised on 2025-05-06 for typo fixes only.
CVE-2025-27561 is a medium-severity issue in the Growatt cloud portal (up to version 3.6.0) where unauthenticated attackers could rename rooms belonging to arbitrary users. The CISA advisory was initially published on 2025-04-15 and later revised on 2025-05-06 for typo fixes. Growatt states the cloud-based vulnerabilities were patched and that no user action is needed, while still recommending basic accou [truncated]
CVE-2025-26857 is a Growatt cloud portal issue affecting versions up to 3.6.0. According to the CISA advisory, an unauthenticated attacker could rename arbitrary devices belonging to arbitrary users, including EV chargers. CISA published the advisory on 2025-04-15 and later revised it on 2025-05-06 for typo fixes. Growatt states the cloud-based vulnerabilities were patched and that no user action is neede [truncated]
CVE-2025-25276 is a medium-severity issue in Growatt cloud applications / cloud portal. CISA’s advisory says an unauthenticated attacker can hijack other users’ devices and potentially control them. The affected product is listed as Growatt cloud portal <=3.6.0. Growatt states the cloud-based vulnerabilities were patched and that no user action is needed, while also recommending strong passwords, MFA wher [truncated]
CVE-2025-24850 is a medium-severity information disclosure issue in the Growatt cloud portal. According to CISA’s advisory, an attacker could export other users’ plant information in affected versions (<= 3.6.0). The issue was publicly disclosed on 2025-04-15 and later revised on 2025-05-06 for typo fixes. Growatt states the cloud-based vulnerabilities were patched and that updates are automatic, with no [truncated]
CVE-2025-24315 is a medium-severity cloud application issue in Growatt’s cloud portal where an unauthenticated attacker could add devices to scenes belonging to other users, or to arbitrary scenes of other users. CISA’s advisory ties the issue to Growatt Cloud Applications / Growatt cloud portal version <= 3.6.0 and assigns a CVSS v3.1 score of 5.3. Growatt reports the cloud-based vulnerabilities were pat [truncated]
CVE-2025-24297 is a critical flaw in Growatt’s cloud portal caused by missing server-side input validation. CISA’s advisory says attackers can inject malicious JavaScript into users’ personal spaces in the web portal, which aligns with a high-impact web injection/XSS-style issue. The advisory was first published on 2025-04-15 and later revised on 2025-05-06 for typo fixes only. Growatt states the cloud-ba [truncated]