WE USE COOKIES ON THIS SITE TO ENHANCE YOUR USER EXPERIENCE
By clicking any link on this page you are giving your consent for us to set cookies.
More info
OK, I AGREE
NO, THANKS
|
Online exhibition
|
Online experience Hall
|
|
LANGUAGE
  • HOME
  • ABOUT SUNGROW
  • SOLUTIONS
    PV SYSTEM

    Residential System

    Commercial System

    Utility System

    STORAGE SYSTEM

    Residential Storage System

    Commercial Storage System

    Utility Storage System

    EV CHARGER

    Private PV + ESS + Charger Solution

    Destination Charging

    Public Fast Charging

    FLOATING PV SYSTEM

    Floating PV System

    PV POWER PLANT

    Residential PV Business Unit

    Green Power Business Unit

    WIND PRODUCTS & SOLUTION

    Aftermarket

    FLEXIBLE GREEN HYDROGEN PRODUCTION SYSTEM

    Flexible Green Hydrogen Production System

  • PRODUCTS
    PV SYSTEM

    String Inverter

    Central Inverter

    MLPE

    1+X Modular Inverter

    STORAGE SYSTEM

    MV Power Converter/Hybrid Inverter

    Battery

    Energy Storage System

    EV CHARGER

    AC Charger

    DC Charger

    iEnergyCharge

    iSOLARCLOUD

    Cloud Platform

    Energy Management System

    Intelligent Gateway

    FLOATING PV SYSTEM

    Floating Body

    Inverter & Booster Floating Platform

    ACCESSORY

    Monitoring

    WIND PRODUCTS

    Doubly-fed Wind Converter

    Full Power Converter

    Medium Voltage Converter

    Pitch Drivers

    Grid Simulator

    Motors Drivers

    HYDROGEN EQUIPMENT

    ALK water electrolysis equipment

    PEM water electrolysis equipment

    PWM hydrogen production power supply

    Intelligent hydrogen management system

  • SERVICE & SUPPORT
    ONLINE SERVICE
    CONTACT US
    CONTACT FORM
SEARCH
Guess you want to find it.
Online
exhibition
Online
experience Hall
SEARCH
Guess you want to find it.
COUNTRY


Sungrow Product Security Incident Response Team (PSIRT) is a dedicated team that receives, investigates, and discloses security vulnerabilities in Sungrow products. Sungrow defines vulnerabilities as exploitable security issues which, once exploited by attackers, could compromise the integrity, availability, or confidentiality of products. A vulnerability is not equivalent to a quality defect. A quality defect is triggered under certain conditions, without being exploited by an attacker, while a vulnerability must be exploited by an attacker before being triggered. 


Sungrow PSIRT makes the following commitments:

We use IEC 62443-4-1 to manage its security management and development processes.

We take actions to reduce vulnerabilities in our products and services to reduce or eliminate the harm and security risks caused to customers/users by Sungrow product/service vulnerabilities.

We promptly provide risk mitigations to customers/users after vulnerabilities are found in our products and services.

We actively identify our vulnerability management responsibilities and requirements (including applicable laws/regulations on business operation, contract requirements, and applicable public standards) and build a system to proactively manage vulnerabilities.

We will continue to optimize our vulnerability management processes and standards, learn from industry standards and best practices, and improve our vulnerability management maturity.


Reporting Suspected Vulnerabilities

Sungrow supports the responsible vulnerability disclosure and handling process, and encourages security researchers, industry organizations, customers, and suppliers to report suspected Sungrow product vulnerabilities to Sungrow PSIRT. If you have found the vulnerabilities, you can email the description of the vulnerability (including the specific product model, software version, etc.) to psirt@sungrowpower.com  and leave your contact information. Generally, you will get an email of confirmation within 1 working day from submission; an email of verification within 7 working days.Subsequently, we will keep you updated with the latest progress during the vulnerability handling process. 

Throughout the vulnerability handling process, our PSIRT strictly ensures that vulnerability information is transferred only between relevant handlers. We sincerely request you to keep the information confidential until a complete solution is available to our customers. We will take necessary and reasonable measures to protect the obtained data based on legal compliance requirements. We will not proactively share or disclose the data to others unless otherwise required by law or by the affected customer.


Vulnerability Response Process:

After receiving any suspected vulnerability, our PSIRT will work with the relevant product team to analyze/validate the vulnerability, assess its severity based on its actual impact on products, determine its remediation priority, and develop remediations (including mitigations, patches/versions, and other risk mitigations that can be implemented by customers). 

When discovering vulnerabilities in the products or services provided by a supplier during product development, delivery, and deployment, we will proactively contact the supplier for vulnerability remediation. 


Security Vulnerability Bulletin
Title
Product
CVE ID
Severity
Date
Related Documents Download
Document
Product
Language
Date
18MW PV Plant in Dubai
Developer: Recurrent Energy
Owner: empra
EPC:Signal Energy
Capacity:205MWac
Model:SG2500U
Location:Fresno, CA
Commissioned in Q4 2017
Developer: Recurrent Energy
Owner: empra
EPC:Signal Energy
Capacity:205MWac
Model:SG2500U
Location:Fresno, CA
Commissioned in Q4 2017