PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-50695 Sungrow CVE debrief

CVE-2024-50695 is a high-severity vulnerability in Sungrow products, published by CISA on 2025-03-13 in advisory ICSA-25-072-12. It affects the iSolarCloud Android App and WiNet Firmware and is described as a potential stack-based buffer overflow caused by missing bounds checks on the MQTT topic while parsing MQTT messages. According to the advisory, exploitation could allow remote code execution. Sungrow states that updated firmware is available and that the iSolarCloud Android App has been repaired.

Vendor: Sungrow
Product: iSolarCloud Android App (<=2.1.6); WiNet Firmware (all versions below the fixed build)
CVSS: 8.1 HIGH (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CISA KEV: not listed in stored evidence
Original CVE published: 2025-03-13
Original CVE updated: 2025-03-13
Advisory published: 2025-03-13
Advisory updated: 2025-03-13

Who should care

Operators and administrators using the Sungrow iSolarCloud Android App at version 2.1.6 or earlier, and environments running Sungrow WiNet Firmware (the advisory lists every version as affected), should prioritize review and remediation. Industrial control and OT security teams should also care: the advisory is published through CISA as an ICS advisory and carries ICS-specific mitigation guidance.

Technical summary

The advisory attributes the flaw to insufficient bounds checking on MQTT topic data during message parsing, which produces a stack-based buffer overflow. In MQTT the topic arrives as a length-prefixed string, so the textbook form of this bug is a parser that copies the topic into a fixed-size stack buffer using the length taken from the packet without first comparing it to the buffer size; the advisory does not say whether Sungrow's implementation matches that pattern. The affected products listed in the CSAF advisory are Sungrow iSolarCloud Android App: <=2.1.6 and Sungrow WiNet Firmware: vers:all/* (every version, with the fix delivered as WINET-SV200.001.00.P028 or higher). The supplied CVSS vector is CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H: network-reachable, no privileges or user interaction required, full confidentiality, integrity and availability impact, but high attack complexity, which is why the score is 8.1 rather than the 9.8 the same impact would receive at low complexity. The advisory itself adds no exploit details beyond the buffer overflow/RCE risk.
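The following is an added illustration of the bug class the advisory describes, written for this debrief. It is not Sungrow's code and does not reproduce the WiNet or iSolarCloud parser; it shows a generic MQTT 3.1.1 PUBLISH topic parser that trusts the 2-byte length prefix from the wire (the vulnerable form) next to one that checks that length against both the packet and the destination buffer before copying. TOPIC_MAX, the function names and the constructed sample packets are assumptions of the example.

```c
/*
 * Added example: generic MQTT PUBLISH topic parsing, vulnerable and hardened.
 * Not Sungrow's code; TOPIC_MAX, the function names and the sample inputs
 * are assumptions of this example.
 *
 * An MQTT 3.1.1 PUBLISH variable header begins with the topic name: a 2-byte
 * big-endian length followed by that many UTF-8 bytes. Both parsers receive
 * a pointer to that variable header (vh) and the number of bytes present.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TOPIC_MAX 32   /* assumed size of the firmware's stack buffer */

enum {
    TOPIC_TRUNCATED = -1,  /* prefix claims more bytes than the packet holds */
    TOPIC_TOO_LONG  = -2,  /* topic does not fit the destination buffer */
    TOPIC_BAD_CHAR  = -3   /* NUL or wildcard ('+', '#') inside a PUBLISH topic */
};

static uint16_t be16(const uint8_t *p)
{
    return (uint16_t)((p[0] << 8) | p[1]);
}

/* VULNERABLE FORM. The attacker-controlled length prefix becomes the memcpy
 * size into a fixed stack buffer with no comparison against TOPIC_MAX or
 * vh_len, so a PUBLISH whose prefix exceeds 32 overwrites the stack. Kept for
 * contrast only; nothing in this example feeds it untrusted input. */
int parse_topic_unchecked(const uint8_t *vh, size_t vh_len, char *out, size_t out_cap)
{
    char topic[TOPIC_MAX];
    uint16_t topic_len = be16(vh);
    (void)vh_len;                          /* bug: packet length never consulted */
    memcpy(topic, vh + 2, topic_len);      /* bug: topic_len unchecked vs TOPIC_MAX */
    size_t n = (size_t)topic_len < out_cap ? topic_len : out_cap - 1;
    memcpy(out, topic, n);
    out[n] = '\0';
    return (int)topic_len;
}

/* HARDENED FORM. Every wire-supplied length is validated before it is used as
 * a copy size, and bytes MQTT forbids in a PUBLISH topic are rejected.
 * Returns the topic length, or a negative TOPIC_* code on rejection. */
int parse_topic_checked(const uint8_t *vh, size_t vh_len, char *out, size_t out_cap)
{
    if (vh == NULL || out == NULL || out_cap == 0 || vh_len < 2)
        return TOPIC_TRUNCATED;
    uint16_t topic_len = be16(vh);
    if ((size_t)topic_len > vh_len - 2)    /* prefix exceeds bytes actually present */
        return TOPIC_TRUNCATED;
    if ((size_t)topic_len >= out_cap)      /* no room for the topic plus NUL */
        return TOPIC_TOO_LONG;
    for (uint16_t i = 0; i < topic_len; i++) {
        uint8_t c = vh[2 + i];
        if (c == 0 || c == '+' || c == '#')
            return TOPIC_BAD_CHAR;
    }
    memcpy(out, vh + 2, topic_len);
    out[topic_len] = '\0';
    return (int)topic_len;
}

/* Build a constructed PUBLISH variable header: `claimed` goes into the length
 * prefix and the real topic bytes follow, so a caller can model a peer whose
 * prefix does not match what it actually sent. Returns bytes written. */
static size_t build_header(uint8_t *buf, size_t cap, const char *topic, uint16_t claimed)
{
    size_t n = strlen(topic);
    if (cap < 2 + n) return 0;
    buf[0] = (uint8_t)(claimed >> 8);
    buf[1] = (uint8_t)(claimed & 0xFF);
    memcpy(buf + 2, topic, n);
    return 2 + n;
}

/* Run one constructed header through the hardened parser into a TOPIC_MAX
 * buffer. Returns the parser's code; on success copies the topic to `parsed`
 * when that pointer is non-NULL. */
int demo(const char *topic, uint16_t claimed, char *parsed, size_t parsed_cap)
{
    uint8_t pkt[2 + 256];
    char local[TOPIC_MAX];
    size_t n = build_header(pkt, sizeof pkt, topic, claimed);
    if (n == 0) return TOPIC_TOO_LONG;
    int rc = parse_topic_checked(pkt, n, local, sizeof local);
    if (rc >= 0 && parsed != NULL && parsed_cap > 0)
        snprintf(parsed, parsed_cap, "%s", local);
    return rc;
}

int main(void)
{
    char out[TOPIC_MAX] = "";
    printf("benign     -> %d (%s)\n", demo("plant/1/telemetry", 17, out, sizeof out), out);
    printf("forged len -> %d\n", demo("abcd", 0xFFFF, NULL, 0));
    printf("too long   -> %d\n", demo("0123456789012345678901234567890123456789", 40, NULL, 0));
    printf("wildcard   -> %d\n", demo("plant/#", 7, NULL, 0));
    return 0;
}
```

The two checks in the hardened parser correspond to the two things a length prefix can lie about: it can exceed the bytes that actually arrived (a read past the packet) and it can exceed the destination (the stack write the advisory describes). Rejecting the packet is the right outcome in both cases; clamping the length silently would hide a hostile peer.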

Defensive priority

High. This is a remotely reachable memory-safety issue with potential code-execution impact, and the vendor has provided a firmware update path. The high attack complexity in the vector lowers the likelihood of a working exploit relative to a low-complexity bug, but it does not reduce the impact once one exists, and the WiNet entry covers every version, so no deployed firmware below the fixed build can be treated as safe. Even though the supplied enrichment does not list it in CISA KEV, the OT/ICS context and severity justify prompt asset identification and patching.

Recommended defensive actions

  • Update Sungrow WiNet Firmware to WINET-SV200.001.00.P028 or higher, as stated in the advisory.
  • Update the iSolarCloud Android App to the latest version from the device's app store; Sungrow states the app has been repaired and needs no further user action beyond updating. Treat any installed version at or below 2.1.6 as affected.
  • Inventory affected Sungrow assets: record the WiNet firmware build and the app version for each deployment, and flag anything matching iSolarCloud Android App <=2.1.6 or WiNet Firmware below WINET-SV200.001.00.P028 (the advisory lists all WiNet versions as affected).
  • Review Sungrow's security notice and apply any vendor-specific guidance for your environment.
  • Until remediation is complete, apply the standard ICS mitigations CISA attaches to its advisories: minimize network exposure for control system devices, keep them off the Internet, place them behind firewalls isolated from business networks, and use secure methods such as VPNs for any remote access.
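To support the inventory step, here is an added helper written for this debrief (example code, not a Sungrow tool) that classifies a reported WiNet firmware string against the fixed build WINET-SV200.001.00.P028 and an iSolarCloud app version against the <=2.1.6 bound. The WiNet string layout (prefix WINET-SV, three dot-separated numeric fields, then .P and a patch number) is inferred from the one fixed version the advisory names, and the ordering rule (compare the numeric fields left to right, patch last) is an assumption of the example; anything that fails to parse is reported as unknown rather than as fixed.

```c
/*
 * Added example: classify Sungrow version strings against the advisory's
 * bounds. Not a Sungrow tool. The WiNet string layout and the ordering rule
 * are assumptions inferred from the single fixed build the advisory names.
 */
#include <stdio.h>
#include <string.h>

enum { STATUS_UNKNOWN = -1, STATUS_FIXED = 0, STATUS_AFFECTED = 1 };

/* Lexicographic compare of two version tuples: <0, 0 or >0. */
static int cmp_fields(const int a[], const int b[], int n)
{
    for (int i = 0; i < n; i++)
        if (a[i] != b[i]) return a[i] < b[i] ? -1 : 1;
    return 0;
}

/* True if every field is non-negative (sscanf's %d would accept a sign). */
static int all_nonneg(const int f[], int n)
{
    for (int i = 0; i < n; i++)
        if (f[i] < 0) return 0;
    return 1;
}

/* Parse "WINET-SV<major>.<minor>.<build>.P<patch>" into four ints.
 * Returns 1 on an exact match of that layout, 0 otherwise. */
static int winet_parse(const char *s, int f[4])
{
    int consumed = 0;
    if (strncmp(s, "WINET-SV", 8) != 0) return 0;
    if (sscanf(s + 8, "%d.%d.%d.P%d%n", &f[0], &f[1], &f[2], &f[3], &consumed) != 4)
        return 0;
    return s[8 + consumed] == '\0' && all_nonneg(f, 4);   /* reject trailing junk */
}

/* WiNet Firmware: the advisory lists all versions as affected and names
 * WINET-SV200.001.00.P028 or higher as fixed. Strings that do not parse
 * are reported unknown, never fixed. */
int winet_status(const char *version)
{
    static const int fixed[4] = { 200, 1, 0, 28 };
    int f[4];
    if (!winet_parse(version, f)) return STATUS_UNKNOWN;
    return cmp_fields(f, fixed, 4) < 0 ? STATUS_AFFECTED : STATUS_FIXED;
}

/* iSolarCloud Android App: affected at <=2.1.6. Accepts plain "a.b.c". */
int app_status(const char *version)
{
    static const int last_bad[3] = { 2, 1, 6 };
    int f[3], consumed = 0;
    if (sscanf(version, "%d.%d.%d%n", &f[0], &f[1], &f[2], &consumed) != 3
        || version[consumed] != '\0' || !all_nonneg(f, 3))
        return STATUS_UNKNOWN;
    return cmp_fields(f, last_bad, 3) <= 0 ? STATUS_AFFECTED : STATUS_FIXED;
}

int main(void)
{
    /* Constructed sample inputs, not observed device data. */
    const char *winet[] = { "WINET-SV200.001.00.P027", "WINET-SV200.001.00.P028",
                            "WINET-SV200.001.00.P028-beta" };
    const char *app[]   = { "2.1.6", "2.1.7", "2.1" };
    for (int i = 0; i < 3; i++)
        printf("WiNet %-30s -> %d\n", winet[i], winet_status(winet[i]));
    for (int i = 0; i < 3; i++)
        printf("App   %-30s -> %d\n", app[i], app_status(app[i]));
    return 0;
}
```

Treat STATUS_UNKNOWN as a work item, not a pass: a build string that does not match the expected layout is exactly the device whose firmware lineage should be confirmed with the vendor before it is marked remediated.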

Evidence notes

All product scope, vulnerability description, and remediation guidance come from the supplied CISA CSAF source item for ICSA-25-072-12. The source lists two affected products: Sungrow iSolarCloud Android App: <=2.1.6 and Sungrow WiNet Firmware: vers:all/*. It also states that Sungrow released updated firmware (WINET-SV200.001.00.P028 or higher) and that the iSolarCloud app has been repaired. The published and modified dates supplied are 2025-03-13T06:00:00.000Z. No additional exploit technique, affected architecture, or verification details are asserted beyond the supplied advisory text.

Official resources

Publicly disclosed by CISA on 2025-03-13 in advisory ICSA-25-072-12. The supplied enrichment marks the case as not included in CISA KEV at the time represented here.