CNNVD-202506-2834 Information

CNNVD ID

CNNVD-202506-2834

Related CVE

CVE-2025-5477

• CNNVD Published: 2025-06-21

Description (Chinese)

Sony XAV-AX8500是日本索尼（Sony）公司的一个数码多媒体接收器。 Sony XAV-AX8500存在安全漏洞，该漏洞源于蓝牙L2CAP协议实现不当导致堆缓冲区溢出，可能导致远程代码执行。

Description (English)

Sony XAV-AX8500 is a digital multimedia receiver for Sony, Japan. Sony XAV-AX8500 had a security loophole, which stemmed from the implementation of the Bluetooth L2CAP protocol, which had led to the spilling out of the buffer zone and could lead to remote code implementation.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

索尼

Published

2025-06-21

Last Modified

2026-02-24

References

https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax8500/software/00344092 https://www.zerodayinitiative.com/advisories/ZDI-25-354/

Patch

https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax8500/downloads