CVE-2025-36745 identifies a critical security vulnerability in the SolarEdge SE3680H solar inverter, specifically related to the use of an outdated Linux kernel version that contains multiple unpatched vulnerabilities in core subsystems. The root cause is the use of unmaintained third-party components (CWE-1104), which introduces risks such as remote code execution (RCE), privilege escalation, and sensitive information disclosure. The vulnerability can be exploited by an attacker with either network or local access, without requiring authentication or user interaction, making it highly accessible for exploitation. The CVSS 4.0 score of 8.6 reflects the high impact on confidentiality, integrity, and availability, with low attack complexity and no privileges or user interaction needed. The affected product version is 4.0 of the SE3680H inverter, widely deployed in solar power installations. Although no public exploits are known yet, the potential for severe operational disruption or data compromise is significant. The lack of available patches at the time of publication increases the urgency for mitigation. The vulnerability highlights the risks of relying on unmaintained third-party software components in critical infrastructure devices, emphasizing the need for rigorous supply chain security and timely updates.

For European organizations, this vulnerability poses a substantial threat to the security and reliability of solar power infrastructure. Successful exploitation could lead to unauthorized control over solar inverters, enabling attackers to disrupt power generation, cause physical damage to equipment, or exfiltrate sensitive operational data. This could affect energy availability and grid stability, especially in countries with high solar penetration. The confidentiality breach could expose sensitive operational parameters or user data, while integrity and availability impacts could lead to financial losses and reputational damage. Critical infrastructure operators, energy providers, and large-scale solar farm operators are particularly at risk. The vulnerability's network accessibility means that attackers could exploit it remotely if the devices are exposed or insufficiently segmented within corporate or utility networks. Given the strategic importance of renewable energy in Europe’s energy transition, this vulnerability could have broader implications for energy security and compliance with regulatory requirements.

Immediate mitigation should focus on isolating affected SolarEdge SE3680H devices from untrusted networks by implementing strict network segmentation and firewall rules to restrict access to management interfaces. Organizations should monitor network traffic for unusual activity targeting these devices. Since no patches are currently available, contacting SolarEdge for firmware updates or security advisories is critical. Deploy compensating controls such as VPNs or zero-trust network access to limit exposure. Regularly audit and update device inventories to identify all affected units. Implement strict access controls and multi-factor authentication for any interfaces that manage these inverters. Additionally, organizations should prepare incident response plans tailored to potential inverter compromise scenarios. Long-term, vendors and operators must ensure timely updates of third-party components and adopt secure software supply chain practices to prevent recurrence.