Vulnerabilities > Sonos > ONE Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-04-20 CVE-2023-27352 Use After Free vulnerability in Sonos ONE Firmware, S1 and S2
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220.
low complexity
sonos CWE-416
8.8
8.8
2023-04-20 CVE-2023-27353 Out-of-bounds Read vulnerability in Sonos ONE Firmware, S1 and S2
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220.
low complexity
sonos CWE-125
6.5
6.5
2023-04-20 CVE-2023-27354 Integer Overflow or Wraparound vulnerability in Sonos ONE Firmware, S1 and S2
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220.
low complexity
sonos CWE-190
6.5
6.5
2023-04-20 CVE-2023-27355 Stack-based Buffer Overflow vulnerability in Sonos ONE Firmware, S1 and S2
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220.
low complexity
sonos CWE-121
8.8
8.8
2022-10-20 CVE-2020-9285 Unspecified vulnerability in Sonos ONE Firmware
Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that hosts the WiFi card on the device.
low complexity
sonos
6.8
6.8