CVE-2023-50809

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 12, 2024

Updated: Oct 24, 2024

Summary

CVE-2023-50809 is a critical vulnerability affecting certain Sonos devices, including Amp, Arc, Arc SL, Beam, Beam Gen 2, Beam SL, and Five. The issue lies within the mt_7615.ko wireless driver, which fails to validate an information element during a WPA2 four-way handshake. Consequently, a stack buffer overflow occurs, enabling attackers to execute remote code within the device's kernel. This vulnerability was present before S1 Release 11.12 and S2 release 15.9.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tzLUC-
https://www.cve.org/CVERecord?id=CVE-2023-50809
https://nvd.nist.gov/vuln/detail/CVE-2023-50809

Back to Vulnerability Database

CVE-2023-50809

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations