Cyber Posture

CVE-2024-50695

Critical

Published: 24 January 2025

Modified: 29 May 2025
KEV Added
Patch
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0113 (78.5th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-50695 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Sungrowpower Winet-S Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 21.5% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190).
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent: Directly addresses the missing MQTT topic bounds checks by requiring validation of information inputs to prevent stack-based buffer overflows.

prevent: Remediates the specific stack buffer overflow flaw through timely identification, reporting, and application of vendor patches.

prevent: Implements memory protections such as stack canaries, ASLR, and DEP to mitigate exploitation of the buffer overflow for arbitrary code execution.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

Remote unauthenticated stack buffer overflow in network-exposed MQTT topic parsing directly enables arbitrary code execution against a public-facing service.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks.

Deeper analysis

CVE-2024-50695 is a stack-based buffer overflow vulnerability in SunGrow WiNet-S firmware V200.001.00.P027 and earlier. The issue arises when parsing MQTT messages because the MQTT topic is not bounds-checked, and it is classified under CWE-121 (Stack-based Buffer Overflow). It received a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), highlighting its critical severity.

An unauthenticated attacker with network access can exploit this vulnerability remotely with low complexity and no user interaction required. Successful exploitation of the buffer overflow could result in high impacts to confidentiality, integrity, and availability, such as arbitrary code execution or system crashes on affected devices.

Sungrow has issued a security notice detailing the vulnerability at https://en.sungrowpower.com/security-notice-detail-2/5961. Practitioners should consult this advisory for mitigation guidance and patch availability.
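One way to implement the MQTT topic bounds check that the description says is missing, as an added example (not Sungrow's code and not from the original page). The 64-byte buffer size `TOPIC_MAX`, the function name and the return codes are assumptions; the packet layout follows MQTT 3.1.1 PUBLISH.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TOPIC_MAX 64   /* assumed size of the destination buffer */

enum { TOPIC_OK = 0, TOPIC_MALFORMED = -1, TOPIC_TOO_LONG = -2 };

/* Extract the topic name of an MQTT 3.1.1 PUBLISH packet into out[TOPIC_MAX].
 * Every length taken from the wire is checked against both the bytes actually
 * received and the destination size before anything is copied. */
int mqtt_publish_topic(const uint8_t *pkt, size_t len, char out[TOPIC_MAX])
{
    size_t pos = 1, remaining = 0;
    unsigned shift = 0;
    uint8_t b;

    if (len < 2 || (pkt[0] >> 4) != 3)          /* packet type 3 = PUBLISH */
        return TOPIC_MALFORMED;
    do {                                        /* Remaining Length varint, max 4 bytes */
        if (pos >= len || shift > 21)
            return TOPIC_MALFORMED;
        b = pkt[pos++];
        remaining |= (size_t)(b & 0x7F) << shift;
        shift += 7;
    } while (b & 0x80);
    if (remaining > len - pos || remaining < 2) /* body must fit in received data */
        return TOPIC_MALFORMED;

    size_t topic_len = ((size_t)pkt[pos] << 8) | pkt[pos + 1];  /* big-endian u16 */
    pos += 2;
    if (topic_len == 0 || topic_len > remaining - 2)  /* topic must fit in the body */
        return TOPIC_MALFORMED;
    if (topic_len >= TOPIC_MAX)                 /* destination bound, room for NUL */
        return TOPIC_TOO_LONG;
    if (memchr(pkt + pos, 0, topic_len))        /* MQTT forbids U+0000 in topics */
        return TOPIC_MALFORMED;

    memcpy(out, pkt + pos, topic_len);
    out[topic_len] = '\0';
    return TOPIC_OK;
}
```

Rejecting an over-long topic before the copy is what keeps the fixed-size stack buffer intact; compiler and OS memory protections only limit the damage once that check is absent.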

Details

CWE(s)

Affected Products

sungrowpower winet-s firmware ≤ 200.001.00.p027

CVEs Like This One

CVE-2024-50694 - Same product: Sungrowpower Winet-S
CVE-2024-50698 - Same product: Sungrowpower Winet-S
CVE-2024-50696 - Same product: Sungrowpower Winet-S
CVE-2024-50697 - Same product: Sungrowpower Winet-S
CVE-2024-50693 - Same vendor: Sungrowpower
CVE-2024-50685 - Same vendor: Sungrowpower
CVE-2024-50686 - Same vendor: Sungrowpower
CVE-2025-70219 - Shared CWE-121
CVE-2025-61128 - Shared CWE-121
CVE-2019-25319 - Shared CWE-121
