Icc13xx CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-41708	1 Bender	5 Cc612, Cc613, Icc13xx and 2 more	2025-09-15	7.4 High
Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An unauthenticated attacker on the same network could exploit this to learn sensitive data during transmission.
CVE-2025-41682	1 Bender	4 Cc612, Cc613, Icc13xx and 1 more	2025-09-09	8.8 High
An authenticated, low-privileged attacker can obtain credentials stored on the charge controller including the manufacturer password.

Page 1 of 1.