Unrated severityNVD Advisory· Published Jan 6, 2026· Updated Jan 6, 2026

Sony BRAVIA Digital Signage 1.7.8 Unauthenticated System API Information Disclosure

CVE-2020-36922

Description

Sony BRAVIA Digital Signage 1.7.8 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive system details through API endpoints. Attackers can retrieve network interface information, server configurations, and system metadata by sending requests to the exposed system API.

Affected products

Pro Bravia/Sony Bravia Digital Signagev5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cxsecurity.com/issue/WLB-2020120028mitreexploit
packetstorm.news/files/id/160343mitreexploit
www.exploit-db.com/exploits/49187mitreexploit
www.vulncheck.com/advisories/sony-bravia-digital-signage-unauthenticated-system-api-information-disclosuremitrethird-party-advisory
www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5610.phpmitrethird-party-advisory
exchange.xforce.ibmcloud.com/vulnerabilities/192606mitrevdb-entry
pro-bravia.sony.netmitreproduct
pro-bravia.sony.net/resources/software/bravia-signage/mitreproduct
pro.sony/ue_US/products/display-softwaremitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000