SB2025031443 - Multiple vulnerabilities in Sungrow WiNet Firmware

Description

This security bulletin contains information about 6 secuirty vulnerabilities.

1) Use of hard-coded credentials (CVE-ID: CVE-2024-50692)

The vulnerability allows a remote attacker to gain full access to vulnerable system.

The vulnerability exists due to presence of hard-coded MQTT credentials in application code. A remote unauthenticated attacker can access the affected system using the hard-coded credentials.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) Heap-based buffer overflow (CVE-ID: CVE-2024-50698)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

3) Stack-based buffer overflow (CVE-ID: CVE-2024-50695)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when parsing MQTT messages. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

4) Stack-based buffer overflow (CVE-ID: CVE-2024-50697)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when decrypting MQTT messages. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

5) Stack-based buffer overflow (CVE-ID: CVE-2024-50694)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when copying the time stamp read from an MQTT message. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

6) Use of Hard-coded Password (CVE-ID: CVE-2024-50690)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to use a hard-coded password. A remote attacker can gain unauthorized access to accounts.

Remediation

Install update from vendor's website.

References

• https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-12
• https://en.sungrowpower.com/security-notice-detail-2/6136
• https://en.sungrowpower.com/security-notice-detail-2/6134
• https://en.sungrowpower.com/security-notice-detail-2/6130
• https://en.sungrowpower.com/security-notice-detail-2/6132
• https://en.sungrowpower.com/security-notice-detail-2/6128
• https://en.sungrowpower.com/security-notice-detail-2/6138