CVE-2023-50809

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 12, 2024
Updated: Oct 24, 2024

Summary

CVE-2023-50809 is a critical vulnerability affecting certain Sonos devices, including Amp, Arc, Arc SL, Beam, Beam Gen 2, Beam SL, and Five. The issue lies within the mt_7615.ko wireless driver, which fails to validate an information element during a WPA2 four-way handshake. Consequently, a stack buffer overflow occurs, enabling attackers to execute remote code within the device's kernel. This vulnerability was present before S1 Release 11.12 and S2 release 15.9.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share