What is CVE-2025-7770?

CVE-2025-7770 is a vulnerability in Tigo Energy Cloud Connect Advanced, classified under CWE-337. Published 2025-08-06.

Is CVE-2025-7770 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Tigo Energy Cloud Connect Advanced

CVE-2025-7770

Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable method based on the current timestamp, allowing attackers to recreate valid session IDs. When c…

EPSS: 0.004 (58.1th percentile) — read the EPSS interpretation.

Affected products

Tigo Energy Cloud Connect Advanced — versions 0

Weakness classification (CWE)

CWE-337

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

www.cisa.gov/news-events/ics-advisories/icsa-25-217-02 (government-resource)

Frequently asked questions

What is CVE-2025-7770?: CVE-2025-7770 is a vulnerability in Tigo Energy Cloud Connect Advanced, classified under CWE-337. Published 2025-08-06.
Is CVE-2025-7770 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.