Siemens KACO Blueplanet Inverters Contain Multiple Vulnerabilities

What Happened

Siemens KACO Blueplanet Inverters contain multiple vulnerabilities that could allow an attacker to derive the credentials from the device's serial number and misuse them to gain unauthorized access.

Who Is Affected

The following versions of Siemens KACO Blueplanet Inverters are affected:

blueplanet 100 NX3 M8 vers:all/*
blueplanet 100 TL3 GEN2 vers:all/*, vers:intdot/<6.1.4.9
blueplanet 105 TL3 vers:all/*
blueplanet 105 TL3 GEN2 vers:all/*, vers:intdot/<6.1.4.9
blueplanet 110 TL3 vers:all/*
blueplanet 125 NX3 M11 vers:all/*
blueplanet 125 TL3 vers:all/*
blueplanet 125 TL3 GEN2 vers:all/*, ver

Severity & Impact

The CVSS severity score for this vulnerability is not explicitly stated, but the threat severity is considered high.

Mitigation

KACO new energy GmbH has released new versions for several affected products and recommends updating to the latest versions. KACO new energy GmbH is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available.

Siemens KACO Blueplanet Inverters Contain Multiple Vulnerabilities

What Happened

Who Is Affected

Severity & Impact

Mitigation

Sources

More news posts

GitLab CVE-2026-10733 Vulnerability

PDM Vulnerability Allows Arbitrary Code Execution