{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-50809", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-10-24T19:54:55.419Z", "dateReserved": "2023-12-14T00:00:00", "datePublished": "2024-08-09T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-08-09T21:05:48.861259"}, "descriptions": [{"lang": "en", "value": "In certain Sonos products before S1 Release 11.12 and S2 release 15.9, the mt_7615.ko wireless driver does not properly validate an information element during negotiation of a WPA2 four-way handshake. This lack of validation leads to a stack buffer overflow. This can result in remote code execution within the kernel. This affects Amp, Arc, Arc SL, Beam, Beam Gen 2, Beam SL, and Five."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.sonos.com/en-us/security-advisory-2024-0001"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"affected": [{"vendor": "sonos", "product": "s2", "cpes": ["cpe:2.3:a:sonos:s2:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "15.9", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-13T13:53:35.292555Z", "id": "CVE-2023-50809", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-24T19:54:55.419Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-50809", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-13T13:53:35.292555Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:sonos:s2:*:*:*:*:*:*:*:*"], "vendor": "sonos", "product": "s2", "versions": [{"status": "affected", "version": "0", "lessThan": "15.9", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-13T13:59:32.777Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.sonos.com/en-us/security-advisory-2024-0001"}], "descriptions": [{"lang": "en", "value": "In certain Sonos products before S1 Release 11.12 and S2 release 15.9, the mt_7615.ko wireless driver does not properly validate an information element during negotiation of a WPA2 four-way handshake. This lack of validation leads to a stack buffer overflow. This can result in remote code execution within the kernel. This affects Amp, Arc, Arc SL, Beam, Beam Gen 2, Beam SL, and Five."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-08-09T21:05:48.861259"}}}, "cveMetadata": {"cveId": "CVE-2023-50809", "state": "PUBLISHED", "dateUpdated": "2024-10-24T19:54:55.419Z", "dateReserved": "2023-12-14T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-08-09T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In certain Sonos products before S1 Release 11.12 and S2 release 15.9, the mt_7615.ko wireless driver does not properly validate an information element during negotiation of a WPA2 four-way handshake. This lack of validation leads to a stack buffer overflow. This can result in remote code execution within the kernel. This affects Amp, Arc, Arc SL, Beam, Beam Gen 2, Beam SL, and Five."}, {"lang": "es", "value": "En ciertos productos Sonos anteriores a la versi\u00f3n S1 11.12 y S2 versi\u00f3n 15.9, el controlador inal\u00e1mbrico mt_7615.ko no valida correctamente un elemento de informaci\u00f3n durante la negociaci\u00f3n de un protocolo de enlace de cuatro v\u00edas WPA2. Esta falta de validaci\u00f3n provoca un desbordamiento del b\u00fafer de pila. Esto puede resultar en la ejecuci\u00f3n remota de c\u00f3digo dentro del kernel. Esto afecta a Amp, Arc, Arc SL, Beam, Beam Gen 2, Beam SL y Five."}], "id": "CVE-2023-50809", "lastModified": "2024-10-24T20:35:04.223", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-08-12T13:38:11.923", "references": [{"source": "cve@mitre.org", "url": "https://www.sonos.com/en-us/security-advisory-2024-0001"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis"}

{}