Vulnerability Details CVE-2019-11336
Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.033
EPSS Ranking 86.7%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 4.3
References
- http://packetstormsecurity.com/files/152612/Sony-Smart-TV-Information-Disclosure-File-Read.html
- http://seclists.org/fulldisclosure/2019/Apr/32
- http://www.securityfocus.com/bid/108072
- https://seclists.org/bugtraq/2019/Apr/34
- https://www.darkmatter.ae/xen1thlabs/sony-smart-tv-photo-sharing-plus-information-disclosure-vulnerability-xl-19-003/
- http://packetstormsecurity.com/files/152612/Sony-Smart-TV-Information-Disclosure-File-Read.html
- http://seclists.org/fulldisclosure/2019/Apr/32
- http://www.securityfocus.com/bid/108072
- https://seclists.org/bugtraq/2019/Apr/34
- https://www.darkmatter.ae/xen1thlabs/sony-smart-tv-photo-sharing-plus-information-disclosure-vulnerability-xl-19-003/
Products affected by CVE-2019-11336
-
cpe:2.3:a:sony:photo_sharing_plus:6.5830
-
cpe:2.3:h:sony:kdl-50w800c:-
-
cpe:2.3:h:sony:kdl-50w805c:-
-
cpe:2.3:h:sony:kdl-50w807c:-
-
cpe:2.3:h:sony:kdl-50w809c:-
-
cpe:2.3:h:sony:kdl-50w820c:-
-
cpe:2.3:h:sony:kdl-55w800c:-
-
cpe:2.3:h:sony:kdl-55w805c:-
-
cpe:2.3:h:sony:kdl-65w850c:-
-
cpe:2.3:h:sony:kdl-65w855c:-
-
cpe:2.3:h:sony:kdl-65w857c:-
-
cpe:2.3:h:sony:kdl-75w850c:-
-
cpe:2.3:h:sony:kdl-75w855c:-
-
cpe:2.3:h:sony:x7500d:-
-
cpe:2.3:h:sony:xbr-100z9d:-
-
cpe:2.3:h:sony:xbr-43x800d:-
-
cpe:2.3:h:sony:xbr-43x800e:-
-
cpe:2.3:h:sony:xbr-43x830c:-
-
cpe:2.3:h:sony:xbr-49x700d:-
-
cpe:2.3:h:sony:xbr-49x800c:-
-
cpe:2.3:h:sony:xbr-49x800d:-
-
cpe:2.3:h:sony:xbr-49x800e:-
-
cpe:2.3:h:sony:xbr-49x830c:-
-
cpe:2.3:h:sony:xbr-49x835c:-
-
cpe:2.3:h:sony:xbr-49x835d:-
-
cpe:2.3:h:sony:xbr-49x837c:-
-
cpe:2.3:h:sony:xbr-49x839c:-
-
cpe:2.3:h:sony:xbr-49x900e:-
-
cpe:2.3:h:sony:xbr-55a1e:-
-
cpe:2.3:h:sony:xbr-55x700d:-
-
cpe:2.3:h:sony:xbr-55x800e:-
-
cpe:2.3:h:sony:xbr-55x805c:-
-
cpe:2.3:h:sony:xbr-55x806e:-
-
cpe:2.3:h:sony:xbr-55x807c:-
-
cpe:2.3:h:sony:xbr-55x809c:-
-
cpe:2.3:h:sony:xbr-55x810c:-
-
cpe:2.3:h:sony:xbr-55x850c:-
-
cpe:2.3:h:sony:xbr-55x850d:-
-
cpe:2.3:h:sony:xbr-55x855c:-
-
cpe:2.3:h:sony:xbr-55x855d:-
-
cpe:2.3:h:sony:xbr-55x857c:-
-
cpe:2.3:h:sony:xbr-55x857d:-
-
cpe:2.3:h:sony:xbr-55x900c:-
-
cpe:2.3:h:sony:xbr-55x900e:-
-
cpe:2.3:h:sony:xbr-55x905c:-
-
cpe:2.3:h:sony:xbr-55x907c:-
-
cpe:2.3:h:sony:xbr-55x930d:-
-
cpe:2.3:h:sony:xbr-55x930e:-
-
cpe:2.3:h:sony:xbr-65a1e:-
-
cpe:2.3:h:sony:xbr-65x750d:-
-
cpe:2.3:h:sony:xbr-65x800c:-
-
cpe:2.3:h:sony:xbr-65x805c:-
-
cpe:2.3:h:sony:xbr-65x807c:-
-
cpe:2.3:h:sony:xbr-65x809c:-
-
cpe:2.3:h:sony:xbr-65x810c:-
-
cpe:2.3:h:sony:xbr-65x850c:-
-
cpe:2.3:h:sony:xbr-65x850d:-
-
cpe:2.3:h:sony:xbr-65x850e:-
-
cpe:2.3:h:sony:xbr-65x855c:-
-
cpe:2.3:h:sony:xbr-65x855d:-
-
cpe:2.3:h:sony:xbr-65x857c:-
-
cpe:2.3:h:sony:xbr-65x857d:-
-
cpe:2.3:h:sony:xbr-65x900c:-
-
cpe:2.3:h:sony:xbr-65x900e:-
-
cpe:2.3:h:sony:xbr-65x905c:-
-
cpe:2.3:h:sony:xbr-65x907c:-
-
cpe:2.3:h:sony:xbr-65x930c:-
-
cpe:2.3:h:sony:xbr-65x930d:-
-
cpe:2.3:h:sony:xbr-65x930e:-
-
cpe:2.3:h:sony:xbr-65x935d:-
-
cpe:2.3:h:sony:xbr-65x937d:-
-
cpe:2.3:h:sony:xbr-65z9d:-
-
cpe:2.3:h:sony:xbr-75x850c:-
-
cpe:2.3:h:sony:xbr-75x850d:-
-
cpe:2.3:h:sony:xbr-75x850e:-
-
cpe:2.3:h:sony:xbr-75x855c:-
-
cpe:2.3:h:sony:xbr-75x855d:-
-
cpe:2.3:h:sony:xbr-75x857d:-
-
cpe:2.3:h:sony:xbr-75x900e:-
-
cpe:2.3:h:sony:xbr-75x910c:-
-
cpe:2.3:h:sony:xbr-75x940c:-
-
cpe:2.3:h:sony:xbr-75x940d:-
-
cpe:2.3:h:sony:xbr-75x940e:-
-
cpe:2.3:h:sony:xbr-75x945c:-
-
cpe:2.3:h:sony:xbr-75z9d:-
-
cpe:2.3:h:sony:xbr-77a1e:-
-
cpe:2.3:h:sony:xbr-85x850d:-
-
cpe:2.3:h:sony:xbr-85x855d:-
-
cpe:2.3:h:sony:xbr-85x857d:-