Sonos S1/S2 Wireless Driver mt_7615.ko stack-based overflow
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.9 | $0-$5k | 0.00 |
Summary
A vulnerability classified as critical was found in Sonos S1 and S2. Impacted is an unknown function in the library mt_7615.ko of the component Wireless Driver. The manipulation results in stack-based overflow. This vulnerability is reported as CVE-2023-50809. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.
Details
A vulnerability was found in Sonos S1 and S2 (version unknown). It has been classified as critical. Affected is an unknown function in the library mt_7615.ko of the component Wireless Driver. The manipulation with an unknown input leads to a stack-based overflow vulnerability. CWE is classifying the issue as CWE-121. A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:
In certain Sonos products before S1 Release 11.12 and S2 release 15.9, the mt_7615.ko wireless driver does not properly validate an information element during negotiation of a WPA2 four-way handshake. This lack of validation leads to a stack buffer overflow. This can result in remote code execution within the kernel. This affects Amp, Arc, Arc SL, Beam, Beam Gen 2, Beam SL, and Five.
The advisory is shared for download at sonos.com. This vulnerability is traded as CVE-2023-50809 since 12/14/2023. The exploitability is told to be easy. It is possible to launch the attack remotely. There are known technical details, but no exploit is available.
Upgrading eliminates this vulnerability.
The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2023-55542). Once again VulDB remains the best source for vulnerability data.
Product
Vendor
Name
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.0VulDB Meta Temp Score: 6.9
VulDB Base Score: 6.3
VulDB Temp Score: 6.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
CNA Base Score: 7.8
CNA Vector (MITRE): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Stack-based overflowCWE: CWE-121 / CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Timeline
12/14/2023 🔍08/09/2024 🔍
08/10/2024 🔍
03/06/2026 🔍
Sources
Advisory: security-advisory-2024-0001Status: Confirmed
CVE: CVE-2023-50809 (🔍)
GCVE (CVE): GCVE-0-2023-50809
GCVE (VulDB): GCVE-100-274092
EUVD: 🔍
Entry
Created: 08/10/2024 00:39Updated: 03/06/2026 00:06
Changes: 08/10/2024 00:39 (55), 08/13/2024 13:17 (1), 08/13/2024 17:35 (11), 03/06/2026 00:06 (1)
Complete: 🔍
Cache ID: 216::103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.