Cyber Resilience

CVE-2024-50695

Critical

Published: 24 January 2025

Published
24 January 2025
Modified
29 May 2025
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0087 75.6th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-50695 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Sungrowpower Winet-S Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 24.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2024-50695 is a stack-based buffer overflow vulnerability in SunGrow WiNet-SV200 versions 001.00.P027 and earlier. The issue arises when parsing MQTT messages due to missing bounds checks on MQTT topics, classified under CWE-121 (Stack-based Buffer Overflow). It received a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), highlighting its critical severity.

An unauthenticated attacker with network access can exploit this vulnerability remotely with low complexity and no user interaction required. Successful exploitation of the buffer overflow could result in high impacts to confidentiality, integrity, and availability, such as arbitrary code execution or system crashes on affected devices.

Sungrow has issued a security notice detailing the vulnerability at https://en.sungrowpower.com/security-notice-detail-2/5961. Practitioners should consult this advisory for mitigation guidance and patch availability.

EU & UK References

Vulnerability details

SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Remote unauthenticated stack buffer overflow in network-exposed MQTT topic parsing directly enables arbitrary code execution against a public-facing service.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-50694Same product: Sungrowpower Winet-S
CVE-2024-50698Same product: Sungrowpower Winet-S
CVE-2024-50696Same product: Sungrowpower Winet-S
CVE-2024-50697Same product: Sungrowpower Winet-S
CVE-2024-50685Same vendor: Sungrowpower
CVE-2024-50693Same vendor: Sungrowpower
CVE-2024-50686Same vendor: Sungrowpower
CVE-2025-11779Shared CWE-121
CVE-2026-25823Shared CWE-121
CVE-2025-69766Shared CWE-121

Affected Assets

sungrowpower
winet-s firmware
≤ 200.001.00.p027

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the missing MQTT topic bounds checks by requiring validation of information inputs to prevent stack-based buffer overflows.

prevent

Remediates the specific stack buffer overflow flaw through timely identification, reporting, and application of vendor patches.

prevent

Implements memory protections such as stack canaries, ASLR, and DEP to mitigate exploitation of the buffer overflow for arbitrary code execution.

References