PatchSiren cyber security CVE debrief
CVE-2024-50697 Sungrow CVE debrief
CVE-2024-50697 is a high-severity Sungrow issue disclosed by CISA on 2025-03-13. The advisory says MQTT message decryption code lacks sufficient bounds checks when parsing certain TLV fields, which may lead to a stack-based buffer overflow and potential remote code execution. Sungrow’s remediation guidance is to update WiNet firmware to WINET-SV200.001.00.P028 or higher and keep the iSolarCloud Android app on the latest available version.
- Vendor
- Sungrow
- Product
- iSolarCloud Android App
- CVSS
- HIGH 8.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-03-13
- Original CVE updated
- 2025-03-13
- Advisory published
- 2025-03-13
- Advisory updated
- 2025-03-13
Who should care
Sungrow iSolarCloud Android App users (<=2.1.6), Sungrow WiNet Firmware operators, and OT/ICS teams responsible for systems that rely on MQTT-connected Sungrow components should prioritize this advisory. Security and mobile app management teams should also verify the app is updated from the device app store.
Technical summary
CISA’s CSAF advisory ICSA-25-072-12 describes an input-validation weakness in the code path used to decrypt MQTT messages. Specific TLV field parsing does not have sufficient bounds checks, creating a stack-based buffer overflow condition. The supplied CVSS 3.1 vector is AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H, which aligns with a remotely reachable flaw that can have high confidentiality, integrity, and availability impact.
Defensive priority
High. The issue is remotely reachable and affects both mobile and firmware components used in industrial/monitoring environments, so remediation should be prioritized for any exposed or externally reachable deployments.
Recommended defensive actions
- Upgrade Sungrow WiNet Firmware to WINET-SV200.001.00.P028 or higher.
- Update the iSolarCloud Android App to the latest version available through the device app store.
- Inventory Sungrow deployments to identify systems running iSolarCloud Android App <=2.1.6 and any WiNet Firmware instances.
- Limit network exposure of MQTT-based management paths until updates are applied, using defense-in-depth controls appropriate for OT environments.
- Review Sungrow’s security notice and CISA ICS recommended practices for additional mitigation guidance.
Evidence notes
This debrief is based on the supplied CISA CSAF advisory source item for ICSA-25-072-12, which names the affected products, explains the bounds-check issue in MQTT TLV parsing, and lists vendor remediation. The provided source metadata states the advisory was published and modified on 2025-03-13. The official CVE record and CISA advisory links were supplied as corroborating official references.
Official resources
-
CVE-2024-50697 CVE record
CVE.org
-
CVE-2024-50697 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Public advisory disclosure date in the supplied source corpus is 2025-03-13 via CISA advisory ICSA-25-072-12. The supplied enrichment does not list the vulnerability in CISA KEV.