CVE-2024-50692 — MEDIUM (5.4)

Vulnerability Description

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that allow an attacker to send arbitrary commands to an arbitrary inverter. It is also possible to impersonate the broker, because TLS is not used to identify the real MQTT broker. This means that MQTT communications are vulnerable to MitM attacks at the TCP/IP level.

CVSS Score

5.4

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Sungrowpower	Winet-S Firmware	200.001.00.p027
Sungrowpower	Winet-S	-

Related Weaknesses (CWE)

CWE-798

References

https://en.sungrowpower.com/security-notice-detail-2/5961Vendor Advisory
https://mqtt-pwn.readthedocs.io/en/latest/intro.htmlProduct

FAQ

What is CVE-2024-50692?

CVE-2024-50692 is a vulnerability with a CVSS score of 5.4 (MEDIUM). SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that allow an attacker to send arbitrary commands to an arbitrary inverter. It is also possible to impersonate ...

How severe is CVE-2024-50692?

CVE-2024-50692 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-50692?

Check the references section above for vendor advisories and patch information. Affected products include: Sungrowpower Winet-S Firmware, Sungrowpower Winet-S.