CVE-2022-23747

In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cpr-zero.checkpoint.com/vulns/cprid-2191/	Exploit Third Party Advisory
https://research.checkpoint.com/2022/bad-alac-one-codec-to-hack-the-whole-world/	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:sony:xperia_1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sony:xperia_1:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:sony:xperia_5_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sony:xperia_5:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:sony:xperia_pro_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sony:xperia_pro:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-08-17 21:15

Updated : 2024-02-28 19:29

NVD link : CVE-2022-23747

Mitre link : CVE-2022-23747

CVE.ORG link : CVE-2022-23747

JSON object : View

Products Affected

sony

xperia_pro_firmware
xperia_5
xperia_1
xperia_1_firmware
xperia_pro
xperia_5_firmware

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

{"id": "CVE-2022-23747", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-08-17T21:15:08.787", "references": [{"url": "https://cpr-zero.checkpoint.com/vulns/cprid-2191/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@checkpoint.com"}, {"url": "https://research.checkpoint.com/2022/bad-alac-one-codec-to-hack-the-whole-world/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@checkpoint.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}, {"type": "Secondary", "source": "cve@checkpoint.com", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback."}, {"lang": "es", "value": "En las series Sony Xperia 1, 5 y Pro, puede producirse un acceso a la memoria fuera de l\u00edmites debido a una falta de comprobaci\u00f3n del n\u00famero de fotogramas que son pasados durante la reproducci\u00f3n de m\u00fasica."}], "lastModified": "2022-08-19T15:01:17.267", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sony:xperia_1_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FECFF2CD-6623-4E96-AF4C-AF965B40FE0C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sony:xperia_1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AE81F69D-48A8-4AE0-AAC6-5AEEF14BE778"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sony:xperia_5_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A261189-611F-4E34-BDCD-877ECEC2CD6A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sony:xperia_5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E93A6274-D81C-4981-A5A8-31DCEDA2F135"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sony:xperia_pro_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6296EF2A-BC49-4C10-8301-FD3584EF3410"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sony:xperia_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "15758D5D-06BF-4D28-8F42-39A3D4A32D34"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@checkpoint.com"}