CNNVD-202506-2830 Information

CNNVD ID

CNNVD-202506-2830

Related CVE

CVE-2025-5475

• CNNVD Published: 2025-06-21

Description (Chinese)

Sony XAV-AX8500是日本索尼（Sony）公司的一个数码多媒体接收器。 Sony XAV-AX8500存在输入验证错误漏洞，该漏洞源于蓝牙数据包处理不当导致整数溢出，可能导致远程代码执行。

Description (English)

Sony XAV-AX8500 is a digital multimedia receiver for Sony, Japan. Sony XAV-AX8500 had an input validation error loophole that resulted from the integer spill caused by the inappropriate processing of bluetooth data packages, which could lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

输入验证错误

Affected Vendor

索尼

Published

2025-06-21

Last Modified

2026-02-24

References

https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax8500/software/00344092 https://www.zerodayinitiative.com/advisories/ZDI-25-353/

Patch

https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax8500/downloads