Sonos Era 300 Firmware vulnerabilities
2 known vulnerabilities affecting sonos/era_300_firmware.
Total CVEs: 2
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 1
Vulnerabilities
CVE-2026-4149 | P2 | CRITICAL | CVSS 9.8 | CWE-119 | fixed in 83.1-61240 | 2026-04-11
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of the DataOffset field within SMB responses.
nvd
CVE-2025-1051 | P3 | HIGH | CVSS 8.8 | CWE-122 | v81.1-58074 | 2025-06-02
Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the processing of ALAC data. The issue results from the lack of pro
nvd