CVE-2025-36744 LOW

CVE-2025-36744: SolarEdge SE3680H - Information Exposure during Bootloader Loop

Vendor Solaredge
Product SE3680H
Published December 12, 2025
Last update December 12, 2025

CVSS base score

2.4/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:N

What the vulnerability does

01Description

SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loop. While the device repeatedly initializes and waits for boot instructions, the bootloader emits diagnostic output this behavior can leak operating system information.

Key dates

02Disclosure timeline

December 12, 2025 CVE published
December 12, 2025 Record updated