Vulnerabilities in the ConnectPort X2e device
In late 2019, the Red Team at Mandiant, a FireEye unit, discovered a number of vulnerabilities in Digi International's ConnectPort X2e device. Mandiant's research focused on the SolarCity (now Tesla) renamed X2e device, which is used to collect data in private solar systems. A typical setup provides that SolarCity provides a customer with a gateway (the X2e device) and this is connected to the Internet via an Ethernet cable in the customer's home network. In this way, the device can interpret and send energy measured values. Hackers have managed to remotely ...