CVE-2024-50690

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 24, 2025

Updated: Feb 6, 2025

CWE ID 798

Summary

CVE-2024-50690 is a recently disclosed vulnerability affecting SunGrow WiNet-SV200.001.00.P027 and earlier versions. This issue involves a hardcoded password that is used to decrypt all firmware updates. An attacker who gains unauthorized access to the system can exploit this vulnerability by using the hardcoded password to decrypt and potentially modify firmware updates, potentially leading to serious security compromises. It is recommended that affected devices be updated to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/z7SPmE
https://www.cve.org/CVERecord?id=CVE-2024-50690
https://nvd.nist.gov/vuln/detail/CVE-2024-50690

Back to Vulnerability Database

CVE-2024-50690

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations