CVERadar

CVE-2024-50691

Severity: High
SVRS: 67/100
CVSSv3: 7.4/10
EPSS: 0.00022/1

CVE-2024-50691: The SunGrow iSolarCloud Android app does not properly validate SSL certificates. This flaw, present in versions V2.1.6.20241104 and earlier, allows MiTM attacks in which an attacker intercepts and manipulates communications between the app and the iSolarCloud server. Even though the CVSS score is 7.4, indicating high severity, the SOCRadar Vulnerability Risk Score (SVRS) of 67 suggests this is a medium-risk vulnerability that requires monitoring and potential patching. Successful exploitation allows attackers to impersonate the legitimate server, potentially leading to data theft or unauthorized control. CWE-295 (Improper Certificate Validation) identifies the root cause of this issue. The "In The Wild" tag implies active exploitation may be occurring, increasing the urgency to address this vulnerability. This highlights the importance of secure coding practices and robust certificate handling in mobile applications.

In The Wild
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
2025-02-26

2025-04-07
SOCRadar AI Insight

Description

CVE-2024-50691 is a vulnerability affecting the SunGrow iSolarCloud Android app (version V2.1.6.20241104 and prior) due to missing SSL certificate validation. The application's failure to properly validate SSL certificates makes it susceptible to Man-in-the-Middle (MiTM) attacks, allowing attackers to intercept and manipulate communications between the app and the iSolarCloud server by impersonating the server. Although the CVSS score is 7.4, indicating a high severity, the SOCRadar Vulnerability Risk Score (SVRS) is 30, suggesting a lower level of immediate risk based on SOCRadar's analysis of threat intelligence. This vulnerability is being exploited in the wild.

Key Insights

  1. MiTM Attack Surface: The lack of SSL certificate validation directly exposes users to MiTM attacks. A threat actor positioned between the app and the iSolarCloud server can intercept and alter data, potentially gaining access to user credentials, solar panel data, or injecting malicious commands.
  2. Data Exposure Risk: Successful exploitation could lead to the exposure of sensitive user data transmitted through the application, including personal information, solar panel configuration details, and energy production data.
  3. Compromised System Control: Attackers could potentially manipulate the solar panel system through the compromised app connection, affecting energy production, grid integration, or even causing physical damage in extreme scenarios.
  4. Actively Exploited: The vulnerability is actively exploited by hackers.

Mitigation Strategies

  1. Mandatory App Update: SunGrow should release an updated version of the iSolarCloud app that includes robust SSL certificate validation to prevent MiTM attacks. Users should be strongly encouraged to update to the latest version immediately.
  2. Network Monitoring: Implement network monitoring solutions to detect and alert on suspicious network traffic patterns indicative of MiTM attacks targeting the iSolarCloud app.
  3. User Education: Educate users about the risks of connecting to public Wi-Fi networks and encourage them to use trusted networks or VPNs when accessing the app.
  4. Web Application Firewall (WAF) and Intrusion Detection/Prevention Systems (IDS/IPS) Rules: For clients hosting iSolarCloud servers, ensure that WAF and IDS/IPS rules are updated to detect and block any exploitation attempts targeting the iSolarCloud infrastructure.


Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

Sungrow iSolarCloud Android App WiNet Firmware
CISA, 2025-03-13 (us-cert.gov)
Sungrow iSolarCloud Android App WiNet Firmware | View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.5 ATTENTION: Exploitable remotely Vendor: Sungrow Equipment

CVE-2024-50691 | SunGrow iSolarCloud App up to 2.1.6.20241104 on Android certificate validation
vuldb.com, 2025-03-05
CVE-2024-50691 | SunGrow iSolarCloud App up to 2.1.6.20241104 on Android certificate validation | A vulnerability, which was classified as problematic, has been found in SunGrow iSolarCloud App up to 2.1.6.20241104 on Android. This issue affects some unknown processing. The manipulation leads to improper certificate validation. The identification of this vulnerability is CVE-2024-50691. The attack may be initiated remotely. There is no exploit available.

Social Media

⚠️ Vulnerability Alert: Sungrow iSolarCloud Vulnerabilities 📅 Timeline: Disclosure: 2025-01-24, Patch: 2025-02-26 🆔cveId: CVE-2024-50691, CVE-2024-50684, CVE-2024-50692, CVE-2024-50694, CVE-2024-50695, CVE-2024-50697, CVE-2024-50698 📊baseScore: 9.5, 8.3, 9.5, 8.3, 8.3, 9.5,
Actively exploited CVE : CVE-2024-50691
CVE-2024-50691 SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulner… https://t.co/l5HdeN9QBO
CVE-2024-50691 02/26/2025 09:15:17 PM SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulnerable to MiTM at... https://t.co/IUAnbIM55A

Affected Software

No affected software found for this CVE

References

Reference | Link
[email protected] | https://en.sungrowpower.com/security-notice-detail-2/6124

CWE Details

CWE ID | CWE Name | Description
CWE-295 | Improper Certificate Validation | The software does not validate, or incorrectly validates, a certificate.
