CVE-2025-36753CRITICAL 9.8EPSS p18.9%

CVE-2025-36753CVE-2025-36753

Description

The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.27% probability of exploitation · percentile 18.9% · 2026-06-18T12:00:27Z
Published2025-12-13
Last modified2026-01-14

Underlying weaknesses· 1

CWE-290

References

  1. https://csirt.divd.nl/CVE-2025-36753/

1

TypeTargetConfidenceTier
WeaknessAuthentication Bypass by Spoofingcwe-2900%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-36752
CVE
CVE-2025-36747
CVE
CVE-2025-10653
CVE
CVE-2025-41682
CVE
CVE-2025-26410
CVE
CVE-2025-41709
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.