CVE-2024-50698

Summary

CVE-2024-50698 is a newly disclosed vulnerability affecting SunGrow WiNet-SV200.001.00.P027 and older versions. This issue involves a heap-based buffer overflow, which occurs due to insufficient bounds checking of MQTT (Message Queuing Telemetry Transport) message content. An attacker can exploit this vulnerability by sending specially crafted MQTT messages to the affected device, potentially leading to unintended code execution or system crashes. Successful exploitation could result in significant consequences, including unauthorized access or denial of service to critical infrastructure systems. It is recommended that users upgrade to the latest version of SunGrow's WiNet firmware to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.