Microinverter Flaw Raises Remote Shutdown Risk Across Rooftop Solar Systems

A cyber risk hiding inside distributed energy hardware

A disclosed vulnerability in AP Systems microinverters has highlighted a growing problem in the energy transition: the same connectivity that makes distributed solar easier to monitor and manage can also create a pathway for large-scale disruption. According to the supplied reporting from pv magazine, cybersecurity firm Jakkaru found a flaw that allowed complete compromise of internet-connected devices, including the ability to selectively and simultaneously shut down systems.

AP Systems patched the issue after being alerted, but the episode still lands as a warning. Distributed energy resources are often described as inherently resilient because they are geographically dispersed. That is true in some physical senses, but software-linked fleets can also create new forms of concentration risk.

The scale of the exposure

The researchers identified roughly 100,000 vulnerable devices accessible online. The affected product was the EZ1-M microinverter, which is also sold under white-label branding, including as the Anker Solix Mi80. Jakkaru further suggested that a larger base of devices, potentially including AP Systems home energy storage systems, may also have been affected. The report notes that around 600,000 AP Systems installations are in use worldwide.

Those numbers matter because the concern is not only device compromise at the household level. A sufficiently coordinated attack on many inverters at once could create a broader grid disturbance, especially if shutdowns occurred simultaneously in concentrated areas or during stressed conditions.

Why microinverters are an attractive target

Microinverters sit at the edge of the power system, converting output from individual solar panels and often linking into monitoring platforms. Their growing presence in residential and small commercial systems means they occupy a rapidly expanding layer of critical digital infrastructure, even if they are rarely treated that way in public debate.

That creates a mismatch between deployment speed and security expectations. Energy hardware once operated largely in closed environments. Today it is increasingly connected, app-enabled, remotely manageable, and sometimes directly reachable over the internet. Every one of those features can improve usability while enlarging the attack surface.

From consumer convenience to grid issue

The phrase “kill switch” in the supplied report captures the concern starkly. A remote, synchronized shutdown of tens of thousands of devices would be a consumer problem for system owners, but it could also become a grid operations problem. As solar penetration rises, edge devices are no longer peripheral to the electricity system. They are part of it.

This is why inverter cybersecurity is moving from specialist concern toward mainstream energy policy. The future grid depends not only on adding more clean generation, but on trusting the digital control layers embedded throughout that generation. A weak point in a widely deployed device can therefore become a systemic risk rather than an isolated bug.

The larger lesson for energy security

The immediate story ends with a patch, but the larger lesson is less comfortable. Distributed energy systems need security practices proportionate to their grid relevance. That means vulnerability disclosure processes, better default hardening, clearer vendor accountability, and more serious attention from regulators and operators.

Solar adoption is often framed around economics, decarbonization, and resilience. Those goals remain intact. But the AP Systems case is a reminder that resilience in a digital grid is inseparable from cybersecurity. Building out cleaner infrastructure without securing its connected components simply relocates vulnerability into a newer layer of the system.

This article is based on reporting by PV Magazine. Read the original article.