PatchSiren cyber security CVE debrief
CVE-2024-50694 Sungrow CVE debrief
CVE-2024-50694 is a high-severity stack-based buffer overflow affecting Sungrow’s iSolarCloud Android App and WiNet Firmware. According to the published advisory, an MQTT timestamp is copied into a buffer without bounds checking, which could allow remote code execution. Sungrow’s remediation guidance says to update affected WiNet firmware to WINET-SV200.001.00.P028 or higher and ensure the iSolarCloud Android App is updated to the latest version.
- Vendor: Sungrow
- Product: iSolarCloud Android App
- CVSS: HIGH 8.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-03-13
- Original CVE updated: 2025-03-13
- Advisory published: 2025-03-13
- Advisory updated: 2025-03-13
Who should care
Organizations using Sungrow iSolarCloud for monitoring and managing Sungrow systems, especially OT/ICS operators, solar installers, and defenders responsible for WiNet devices or MQTT-connected management paths.
Technical summary
The advisory describes a bounds-check failure when copying a timestamp read from an MQTT message into a stack buffer. The issue is described as remotely reachable and capable of causing a stack-based buffer overflow, with potential arbitrary code execution. The published CVSS vector is CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating network exposure with high attack complexity, no privileges or user interaction required, and high potential impact on confidentiality, integrity, and availability.
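The following added example illustrates the bug class the advisory describes and the check that prevents it; it is hypothetical illustrative code, not Sungrow's firmware. The payload layout (';'-separated `key=value` fields with a `ts=` timestamp), the 21-byte buffer, and the function names are assumptions for the example.

```c
#include <ctype.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical illustration of the bug class in the advisory, not Sungrow's code.
 * Assumed payload layout: ';'-separated "key=value" fields, e.g.
 * "ts=2025-03-13T10:15:00Z;pwr=4200". An MQTT payload carries an explicit
 * length and is not NUL-terminated, so every copy must be bounded by that length.
 * The unsafe pattern the advisory describes is, in effect:
 *     char ts[TS_BUF_LEN]; memcpy(ts, val, val_len);  // val_len from the message
 * extract_timestamp() adds the length check that pattern lacks. */
#define TS_BUF_LEN 21   /* "YYYY-MM-DDTHH:MM:SSZ" (20 chars) plus NUL */

/* Returns 0 and writes a NUL-terminated timestamp to out on success; -1 if the
 * field is missing, holds unexpected bytes, or would not fit in out_len. */
int extract_timestamp(const uint8_t *payload, size_t payload_len,
                      char *out, size_t out_len)
{
    const char key[] = "ts=";
    const size_t key_len = sizeof key - 1;
    size_t i = 0;

    if (payload == NULL || out == NULL || out_len == 0) return -1;
    while (i < payload_len) {                       /* never read past payload_len */
        size_t start = i;
        while (i < payload_len && payload[i] != ';') i++;
        size_t field_len = i - start;
        if (i < payload_len) i++;                   /* skip the ';' */
        if (field_len < key_len || memcmp(payload + start, key, key_len) != 0)
            continue;
        const uint8_t *val = payload + start + key_len;
        size_t val_len = field_len - key_len;
        if (val_len == 0 || val_len >= out_len) return -1;   /* the missing bounds check */
        for (size_t k = 0; k < val_len; k++) {      /* only timestamp characters */
            unsigned char c = val[k];
            if (!isdigit(c) && c != '-' && c != ':' && c != 'T' && c != 'Z') return -1;
        }
        memcpy(out, val, val_len);
        out[val_len] = '\0';
        return 0;
    }
    return -1;
}
```

Rejecting an oversized or malformed field before the copy is the behaviour the firmware fix restores; a message whose timestamp field exceeds the buffer is dropped rather than written past the end of the stack array.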
Defensive priority
High priority. Treat as urgent for any environment with affected Sungrow WiNet firmware or older iSolarCloud app deployments, especially where the devices are network-reachable.
Recommended defensive actions
- Update Sungrow WiNet firmware to WINET-SV200.001.00.P028 or later.
- Update the iSolarCloud Android App to the latest version from the device app store.
- Inventory all Sungrow WiNet and iSolarCloud deployments to confirm whether affected versions are present.
- Reduce exposure of management and MQTT-related network paths using ICS defense-in-depth and segmentation practices.
- Follow Sungrow’s published security notice and CISA ICS recommended practices for environment hardening and monitoring.
Evidence notes
This debrief is based on the CISA CSAF advisory ICSA-25-072-12 published on 2025-03-13 and the linked official CVE record. The supplied advisory identifies the affected products as Sungrow iSolarCloud Android App <=2.1.6 and Sungrow WiNet Firmware (all versions), and states the remediation version for WiNet firmware as WINET-SV200.001.00.P028 or higher. The advisory text attributes the flaw to an unchecked buffer copy of an MQTT timestamp and describes potential remote arbitrary code execution. No exploitation reports or KEV listing are included in the supplied corpus.
Official resources
- CVE-2024-50694 CVE record (CVE.org)
- CVE-2024-50694 NVD detail (NVD)
Publicly disclosed by CISA on 2025-03-13 in advisory ICSA-25-072-12.