Vulnerabilities > Sony > Low

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-15743 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Sony Xperia Touch Firmware
The Sony Xperia Touch Android device with a build fingerprint of Sony/blanc_windy/blanc_windy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.android.maintenancetool.testmic app (versionCode=24, versionName=7.0) that allows unauthorized microphone audio recording via a confused deputy attack.
local
low complexity
sony CWE-610
2.1
2019-11-14 CVE-2019-15744 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Sony Xperia XZS Firmware
The Sony Xperia Xperia XZs Android device with a build fingerprint of Sony/keyaki_softbank/keyaki_softbank:7.1.1/TONE3-3.0.0-SOFTBANK-170517-0323/1:user/dev-keys contains a pre-installed app with a package name of jp.softbank.mb.tdrl app (versionCode=1413005, versionName=1.3.0) that allows unauthorized wireless settings modification via a confused deputy attack.
local
low complexity
sony CWE-610
2.1
2019-06-19 CVE-2018-16595 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sony products
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow.
low complexity
sony CWE-119
3.3
2019-04-25 CVE-2018-14983 Improper Input Validation vulnerability in Sony Xperia L1 Firmware
The Sony Xperia L1 Android device with a build fingerprint of Sony/G3313/G3313:7.0/43.0.A.6.49/2867558199:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode=24, versionName=7.0) that has been modified by Sony or another entity in the supply chain.
local
low complexity
sony CWE-20
2.1
2017-04-13 CVE-2016-7834 Information Exposure vulnerability in Sony SNC Series Firmware
SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C network cameras with firmware before Ver.1.86.00 and SONY SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL network cameras with firmware before Ver.2.7.2 are prone to sensitive information disclosure.
low complexity
sony CWE-200
3.3