SolarEdge SE3680H – Information Exposure during Bootloader Loop_CVE-2025-36744

2.4 / 10

LOW

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:N

Description

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information.

Basic Information

ID CVE-2025-36744

Source DIVD

Published Dec 12, 2025 at 15:05

Affected Product

Vendor SolarEdge

Product SE3680H

Version 4.0

Affected Versions SolarEdge SE3680H 4.0

References

{
    "lastseen": "",
    "description": "SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information.",
    "published": "2025-12-12T15:05:39.214Z",
    "modified": "2025-12-12T15:05:39.214Z",
    "type": "cve",
    "title": "SolarEdge SE3680H - Information Exposure during Bootloader Loop",
    "source": "DIVD",
    "references": "https://csirt.divd.nl/CVE-2025-36744\nhttps://csirt.divd.nl/DIVD-2025-00022/",
    "id": "CVE-2025-36744",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "SolarEdge SE3680H 4.0",
    "sourceHref": "",
    "cvss": {
        "score": 2.4,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SE3680H",
    "version": "4.0",
    "vendor": "SolarEdge",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply