CVE-2024-50691

CVSS 3.1 Score 7.4 of 10 (high)

Details

Published Feb 26, 2025

Updated: Mar 4, 2025

CWE ID 295

Summary

CVE-2024-50691 is a cybersecurity vulnerability affecting SunGrow iSolarCloud Android app version 2.1.6.20241104 and earlier. This issue involves missing SSL certificate validation, allowing attackers to conduct man-in-the-middle (MiTM) attacks. The app overlooks certificate errors, potentially enabling unauthorized impersonation of the iSolarCloud server and enabling unsecured communication between the Android app and the server. This vulnerability poses a significant security risk to users of the iSolarCloud app, making it essential for SunGrow to address this issue promptly with a patch or update.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/z7TTVg
https://www.cve.org/CVERecord?id=CVE-2024-50691
https://nvd.nist.gov/vuln/detail/CVE-2024-50691

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-2024-50691

CVSS 3.1 Score 7.4 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations