Vulnerabilities > Sonos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-5256 | Integer Underflow (Wrap or Wraparound) vulnerability in Sonos ERA 100 Firmware 15.9 Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability. | 4.3 |
| 2024-06-06 | CVE-2024-5267 | Out-of-bounds Write vulnerability in Sonos ERA 100 Firmware 15.9 Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Write Remote Code Execution Vulnerability. | 8.8 |
| 2024-06-06 | CVE-2024-5268 | Out-of-bounds Read vulnerability in Sonos ERA 100 Firmware 15.9 Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Read Information Disclosure Vulnerability. | 6.5 |
| 2024-06-06 | CVE-2024-5269 | Use After Free vulnerability in Sonos ERA 100 Firmware 15.9 Sonos Era 100 SMB2 Message Handling Use-After-Free Remote Code Execution Vulnerability. | 8.8 |
| 2023-04-20 | CVE-2023-27352 | Use After Free vulnerability in Sonos ONE Firmware, S1 and S2 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. | 8.8 |
| 2023-04-20 | CVE-2023-27353 | Out-of-bounds Read vulnerability in Sonos ONE Firmware, S1 and S2 This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. | 6.5 |
| 2023-04-20 | CVE-2023-27354 | Integer Overflow or Wraparound vulnerability in Sonos ONE Firmware, S1 and S2 This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. | 6.5 |
| 2023-04-20 | CVE-2023-27355 | Stack-based Buffer Overflow vulnerability in Sonos ONE Firmware, S1 and S2 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. | 8.8 |
| 2022-10-20 | CVE-2020-9285 | Unspecified vulnerability in Sonos ONE Firmware Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that hosts the WiFi card on the device. low complexity sonos | 6.8 |
| 2022-02-18 | CVE-2022-24046 | Integer Underflow (Wrap or Wraparound) vulnerability in Sonos S1 and S2 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). | 8.3 |