CVE-2024-50694: Buffer Overflow
First published: Fri Jan 24 2025(Updated: )
In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SunGrow WiNet-SV200 | <=200.001.00.P027 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-50694?
CVE-2024-50694 is classified as a high severity vulnerability due to the risk of stack-based buffer overflow.
How do I fix CVE-2024-50694?
To fix CVE-2024-50694, upgrade to the latest version of SunGrow WiNet-SV200 that addresses the buffer overflow issue.
What systems are affected by CVE-2024-50694?
CVE-2024-50694 affects SunGrow WiNet-SV200 versions up to and including 200.001.00.P027.
What type of vulnerability is CVE-2024-50694?
CVE-2024-50694 is a stack-based buffer overflow vulnerability related to the handling of MQTT message timestamps.
Can CVE-2024-50694 be exploited remotely?
Yes, CVE-2024-50694 can potentially be exploited remotely through malicious MQTT messages, leading to severe consequences.
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/author
- agent/source
- collector/mitre-cve
- source/MITRE
- agent/tags
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/event
- vendor/sungrow
- canonical/sungrow winet-sv200