- Greater ChinaSimplified ChineseTraditional Chinese
- Germany (Global)GermanEnglishFrenchSpanish
- Middle East & AfricaEnglish
- South AmericaSpanish
- South AsiaEnglish
- South East AsiaEnglish
- United KingdomEnglish
- United States of AmericaEnglish
Current security notifications
Please also read the information and documentation in our document archive.
December 20, 2021 | Log4Shell vulnerability
As already reported in the international media, a cyber security vulnerability has been identified (CVE-2021-44228, https://nvd.nist.gov/vuln/detail/CVE-2021-44228). It enables hackers to execute malicious program codes on the target systems, compromising system security as a result.
SMA inverters and the SMA monitoring portals are not affected by this latest vulnerability, although certain other SMA products may be affected. For these products, SMA will soon provide automatic software updates to counter the vulnerability. To make it harder for hackers to attack vulnerable systems, SMA will not disclose the products and versions in question until after the automatic updates have been rolled out.
Operators of large-scale SMA systems that are not subject to the automatic update will be contacted directly by the SMA service team and the updates will be installed by agreement.
You can find further information about this issue in the SMA manufacturer declaration →. It is updated regularly.
If you have any further questions, please contact SMA Information-Security@sma.de.
We are doing everything we can to solve this problem and would like to apologize for any inconvenience caused.