CVE-2023-50810

Published: Aug 12, 2024Modified: Jun 17, 2026Deferred

6.0

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L

Exploitability: 1.2 / Impact: 4.7

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability exists in the U-Boot component of the firmware that allow persistent arbitrary code execution with Linux kernel privileges. A failure to correctly handle the return value of the setenv command can be used to override the kernel command-line parameters and ultimately bypass the Secure Boot implementation. This affects PLAY5 gen 2, PLAYBASE, PLAY:1, One, One SL, and Amp.

Related CWEs

CWE-94

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (1)

https://www.sonos.com/en-us/security-advisory-2024-0001

Source: cve@mitre.org

Timeline

No history available yet.