SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that allow an attacker to send arbitrary commands to an arbitrary inverter. It is also possible to impersonate the broker, because TLS is not used to identify the real MQTT broker. This means that MQTT communications are vulnerable to MitM attacks at the TCP/IP level.
References
Link | Resource |
---|---|
https://en.sungrowpower.com/security-notice-detail-2/5961 | Vendor Advisory |
https://mqtt-pwn.readthedocs.io/en/latest/intro.html | Product |
Configurations
History
29 May 2025, 16:02
Type | Values Removed | Values Added |
---|---|---|
References | () https://en.sungrowpower.com/security-notice-detail-2/5961 - Vendor Advisory | |
References | () https://mqtt-pwn.readthedocs.io/en/latest/intro.html - Product | |
CPE | cpe:2.3:o:sungrowpower:winet-s_firmware:200.001.00.p027:*:*:*:*:*:*:* cpe:2.3:h:sungrowpower:winet-s:-:*:*:*:*:*:*:* cpe:2.3:o:sungrowpower:winet-s_firmware:*:*:*:*:*:*:*:* |
|
First Time |
Sungrowpower
Sungrowpower winet-s Firmware Sungrowpower winet-s |
06 Feb 2025, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-798 | |
References |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
24 Jan 2025, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-01-24 23:15
Updated : 2025-05-29 16:02
NVD link : CVE-2024-50692
Mitre link : CVE-2024-50692
CVE.ORG link : CVE-2024-50692
JSON object : View
Products Affected
sungrowpower
- winet-s_firmware
- winet-s
CWE
CWE-798
Use of Hard-coded Credentials