CVE-2022-23747

Sažetak

In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.

Reference

https://research.checkpoint.com/2022/bad-alac-one-codec-to-hack-the-whole-world/
https://cpr-zero.checkpoint.com/vulns/cprid-2191/

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	-

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

19-08-2022 - 15:01

Objavljeno

17-08-2022 - 21:15