Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers

Technology

May 30, 2023Ravie LakshmananZero Day / Vulnerability

Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code execution, the Zero Day Initiative (ZDI) said in a report published last week.

The vulnerabilities were demonstrated by three different teams from Qrious Secure, STAR Labs, and DEVCORE at the Pwn2Own hacking contest held in Toronto late last year, netting them $105,000 in monetary rewards.

The list of four flaws, which impact Sonos One Speaker 70.3-35220, is below –

  • CVE-2023-27352 and CVE-2023-27355 (CVSS scores: 8.8) – Unauthenticated flaws that allow network-adjacent attackers to execute arbitrary code on affected installations.
  • CVE-2023-27353 and CVE-2023-27354 (CVSS score: 6.5) – Unauthenticated flaws that allow network-adjacent attackers to disclose sensitive information on affected installations.

While CVE-2023-27352 stems from when processing SMB directory query commands, CVE-2023-27355 exists within the MPEG-TS parser.

UPCOMING WEBINAR

Zero Trust + Deception: Learn How to Outsmart Attackers!

Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!

Save My Seat!

Successful exploitation of both shortcomings could permit an attacker to execute arbitrary code in the context of the root user.

Both the information disclosure flaws can be combined separately with other flaws in the systems to achieve code execution with elevated privileges.

Following responsible disclosure on December 29, 2022, the flaws were addressed by Sonos as part of Sonos S2 and S1 software versions 15.1 and 11.7.1, respectively. Users are recommended to apply the latest patches to mitigate potential risks.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
Willie And Lukas Nelson Team Up For Special “Just Breathe” Duet As The Red Headed Stranger Returns To The Stage
Amazon sellers get dinged after Target discount snafu
‘RHONY’ Feud Over? Bethenny Frankel & Luann de Lesseps Reunite at Hamptons Party
Movie Review: ‘Reunion’ | Moviefone