CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-23747

In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.057

EPSS Ranking 89.9%

CVSS Severity

CVSS v3 Score 9.8

References

https://cpr-zero.checkpoint.com/vulns/cprid-2191/
https://research.checkpoint.com/2022/bad-alac-one-codec-to-hack-the-whole-world/
https://cpr-zero.checkpoint.com/vulns/cprid-2191/
https://research.checkpoint.com/2022/bad-alac-one-codec-to-hack-the-whole-world/

Products affected by CVE-2022-23747

Sony » Xperia 1 » Version: N/A

cpe:2.3:h:sony:xperia_1:-
Sony » Xperia 5 » Version: N/A

cpe:2.3:h:sony:xperia_5:-
Sony » Xperia Pro » Version: N/A

cpe:2.3:h:sony:xperia_pro:-
Sony » Xperia 1 Firmware » Version: N/A

cpe:2.3:o:sony:xperia_1_firmware:-
Sony » Xperia 5 Firmware » Version: N/A

cpe:2.3:o:sony:xperia_5_firmware:-
Sony » Xperia Pro Firmware » Version: N/A

cpe:2.3:o:sony:xperia_pro_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-23747

Products

Pricing

Contact Us