Lucene search

K
nvd[email protected]NVD:CVE-2022-23747
HistoryAug 17, 2022 - 9:15 p.m.

CVE-2022-23747

2022-08-1721:15:08
CWE-120
web.nvd.nist.gov
1
cve-2022-23747
sony xperia
memory access

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

65.9%

In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.

Affected configurations

NVD
Node
sonyxperia_1_firmwareMatch-
AND
sonyxperia_1Match-
Node
sonyxperia_5_firmwareMatch-
AND
sonyxperia_5Match-
Node
sonyxperia_pro_firmwareMatch-
AND
sonyxperia_proMatch-

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

65.9%

Related for NVD:CVE-2022-23747