CVE-2022-23747

In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.

CVSS v3.0 9.8 CRITICAL

9.8^/10

CVSS v3.0 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://research.checkpoint.com/2022/bad-alac-one-codec-to-hack-the-whole-world/	Exploit Third Party Advisory
https://cpr-zero.checkpoint.com/vulns/cprid-2191/	Exploit Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:sony:xperia_1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sony:xperia_1:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:sony:xperia_5_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sony:xperia_5:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:sony:xperia_pro_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sony:xperia_pro:-:*:*:*:*:*:*:*

Information

Published : 2022-08-17 14:15

Updated : 2022-08-19 08:01

NVD link : CVE-2022-23747

Mitre link : CVE-2022-23747

JSON object : View

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Advertisement

Products Affected

sony

xperia_5_firmware
xperia_1
xperia_pro
xperia_5
xperia_1_firmware
xperia_pro_firmware

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://research.checkpoint.com/2022/bad-alac-one-codec-to-hack-the-whole-world/", "name": "https://research.checkpoint.com/2022/bad-alac-one-codec-to-hack-the-whole-world/", "tags": ["Exploit", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://cpr-zero.checkpoint.com/vulns/cprid-2191/", "name": "https://cpr-zero.checkpoint.com/vulns/cprid-2191/", "tags": ["Exploit", "Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-120"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-23747", "ASSIGNER": "cve@checkpoint.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}}, "publishedDate": "2022-08-17T21:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:sony:xperia_1_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:sony:xperia_1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:sony:xperia_5_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:sony:xperia_5:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:sony:xperia_pro_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:sony:xperia_pro:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-08-19T15:01Z"}