News

Update needed: Deye inverter with safety problem

Photo of Simon Lüthje Simon Lüthje14. February 2023
deye

Even modern energy generation is not immune to cyber risks. This is at least the case when they offer smart features like WiFi connectivity. Apparently, exactly such a problem has occurred with the inverter from Deye. However, a corresponding software update should quickly solve the problem for owners of a balcony power plant.

Inverter from Deye with safety problem

Obtaining renewable energy on your own is only possible with your own home and a correspondingly large roof area? Not at all. Balcony power plants prove the opposite. They do not require much space and can minimize not only the electricity bill, but also the environmental footprint. Smaller in these models are not only the solar panels, but also the inverter. On top of that, those who opt for a balcony power plant in Berlin get government support. Here up to 500 euros are possible. A popular example are the systems from Deye.

Deye
Micro inverter from Deye (Image: Deye)

But the so-called microinverter has a problem ex-factory that owners should definitely address. A security vulnerability apparently ensures that the inverter’s access point remains permanently switched on. Furthermore, the trivial access code of “12345678” cannot be changed. Consequently, the model, which can be purchased here not only under the name Deye, but also Revolt or Bosswerk, can serve as a gateway into the home network. Behind the problem is apparently a software bug that affects the inverter’s WiFi unit. This has now apparently been solved by the Chinese manufacturer.

Deye rolls out software update

Really glorious was not the behavior of the company in relation to the vulnerability at first. After all, Deye issued a corresponding firmware update only upon request. After the colleagues from heise online dealt with this issue, however, a stone apparently started rolling. Finally, the manufacturer now plays its update (version 1.53) for the micro-inverter automatically on the device if this is connected to the Internet for at least 30 minutes. This emerges from a press release of the company on February 8, 2023. You should definitely install the software update if you own a Deye model. After all, the permanently activated WLAN access point is a blatant security risk.

Tags
Photo of Simon Lüthje Simon Lüthje14. February 2023
Photo of Simon Lüthje

Simon Lüthje

I am co-founder of this blog and am very interested in everything that has to do with technology, but I also like to play games. I was born in Hamburg, but now I live in Bad Segeberg.

Related Articles

Bluetti EP500Pro

Bluetti EP500Pro launches in Europe: solar generator with 5,100 Wh

26. June 2022

Black Friday: Jackery offers power stations at top price

24. November 2022
Balkonkraftwerk

Balcony power plant not registered in Germany: What is the penalty?

7. June 2023

EcoFlow Powerstream: New balcony power plant with electricity storage

31. May 2023

No replies yet

Beginne die Diskussion →

Neue Antworten laden...

Avatar of Basic Tutorials
Basic Tutorials

Gehört zum Inventar

9,741 Beiträge 2,616 Likes
Angeheftet Feb 14, 2023

Even modern energy generation is not immune to cyber risks. This is at least the case when they offer smart features like WiFi connectivity. Apparently, exactly such a problem has occurred with the inverter from Deye. However, a corresponding software update should quickly solve the problem for owners of a balcony power plant. Inverter from … (Weiterlesen...)

Antworten Like

Beteilige dich an der Diskussion in der Basic Tutorials Community →

Back to top button