Sony Xav-Ax5500 vulnerabilities
4 known vulnerabilities affecting sony/xav-ax5500.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2024-23922P3MEDIUMCVSS 6.8PoCv1.132024-09-23
CVE-2024-23922 [MEDIUM] CWE-345 CVE-2024-23922: Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This vu
Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of software upd
nvd
CVE-2024-23934P3HIGHCVSS 8.8v1.132024-09-23
CVE-2024-23934 [HIGH] CWE-121 CVE-2024-23934: Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Thi
Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
nvd
CVE-2024-23933P3MEDIUMCVSS 6.8v1.132024-09-23
CVE-2024-23933 [MEDIUM] CWE-121 CVE-2024-23933: Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vu
Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the implementation of the Ap
nvd
CVE-2024-23972P3MEDIUMCVSS 6.8v1.132024-09-23
CVE-2024-23972 [MEDIUM] CWE-120 CVE-2024-23972: Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. Th
Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the USB host driver. A
nvd