Humza Ahmad
OT Pentester
Smart Grid
Critical Infrastructure
Cybersecurity specialist with expertise in penetration testing and security audits of OT systems. Skilled in component testing of smart meters, RTUs, IEDs, EV chargers, and solar inverters. Proficient in protocol testing & fuzzing (DLMS, MBus, IEC 104, IEC 61850 MMS, Goose, OCPP), web application & API testing, reverse engineering & source code review.
Public CVEs
- CVE-2024-34057 – Buffer overflow DoS in Triangle Microworks TMW IEC 61850 client libraries
- CVE-2024-45969 – NULL pointer dereference DoS in MMS client (MZ Automation IEC library)
- CVE-2024-45970 – Stack buffer overflow via MMS FileDirResponse in LibIEC61850 MMS client
- CVE-2024-45971 – Stack buffer overflow via MMS IdentifyResponse in LibIEC61850 MMS client
- CVE-2025-29757 – Incorrect authorization in Growatt cloud ‘plant transfer’ enabling plant takeover
- CVE-2025-36756 – Missing authorization in SolaX Cloud allowing inverter takeover by serial number
- CVE-2025-36757 – Admin login bypass on SolaX Cloud via parameter tampering
- CVE-2025-36758 – Auth clipping / rate-limit bypass in SolaX Cloud using Forgot Password as oracle
- CVE-2025-36759 – User enumeration in SolaX Cloud leaking emails and phone numbers
- CVE-2025-40591 – Command injection in web Log Viewer tool allowing root ‘tail’ on filesystem
- CVE-2025-40890 – Stored XSS in Dashboards feature of Nozomi Guardian/CMC (authenticated user dashboards)