HACKER Q&A
📣 pshirshov

Solar inverter vulnerability, no interest from manufacturer, what to do?


I've found a vulnerability in the authentication protocol of a domestic solar inverter. Essentially it allows anyone having access to the local network to change any parameters and disrupt the system operation, damage it or, possibly, even cause a fire. Considering that in most cases people use potentially insecure WPA2 networks, it may be kind of an issue...

The manufacturer told me that they don't care.

On the one hand, it may be convenient for end users because the manufacturer refuses to provide them any administrative access to the devices.

On the other hand, I kinda feel that it's not a good idea to let these devices run as they are.

Any advice?


👤 LinuxBender Accepted Answer ✓
If you can isolate it on its own private network, then put a proxy that enables authentication in front of it. That is unless this is one of the devices that talks to the cloud and you are controlling it from the cloud.
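
One way to build the authenticating proxy suggested in the answer above, as an added example that is not part of the thread or any vendor's code: a protocol-agnostic TCP relay that only forwards to the inverter after the client presents a TLS certificate issued by a private CA and listed by name. The inverter address and port, the listening port, the PEM file names and the client name are all assumptions.

```python
import asyncio
import ssl

# Assumed values, not from the thread: address, port, file names, client names.
INVERTER = ("192.0.2.10", 80)      # placeholder for the inverter on the isolated segment
ALLOWED_CNS = {"home-laptop"}      # client certificate CNs allowed through

def make_context(cert=None, key=None, ca=None):
    """Server context that rejects any client lacking a cert from our private CA."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    if cert and ca:  # paths to PEM files; left out only to inspect the settings
        ctx.load_cert_chain(cert, key)
        ctx.load_verify_locations(ca)
    return ctx

def common_name(peercert):
    """CN from the dict returned by SSLSocket.getpeercert(), or None."""
    fields = [kv for rdn in (peercert or {}).get("subject", ()) for kv in rdn]
    return dict(fields).get("commonName")

def is_authorized(peercert, allowed=ALLOWED_CNS):
    return common_name(peercert) in allowed

async def pump(reader, writer):
    try:
        while data := await reader.read(4096):
            writer.write(data)
            await writer.drain()
    finally:
        writer.close()

async def handle(client_r, client_w):
    if not is_authorized(client_w.get_extra_info("peercert")):
        return client_w.close()
    try:
        up_r, up_w = await asyncio.open_connection(*INVERTER)
    except OSError:
        return client_w.close()
    await asyncio.gather(pump(client_r, up_w), pump(up_r, client_w), return_exceptions=True)

async def main():
    ctx = make_context("proxy.crt", "proxy.key", "clients-ca.crt")
    server = await asyncio.start_server(handle, "0.0.0.0", 8443, ssl=ctx)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

The relay only protects the inverter if the isolated segment is reachable through the proxy host and nothing else; it does not help for traffic the device exchanges with a cloud service.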

👤 melon3r
Is there any national or regional cybersecurity-related institution you can share your findings with?

They could put some more pressure on the manufacturer, or at least responsibly inform the public.