VYPR

XAV-AX8500

by Sony

CVEs (10)

  • CVE-2025-5820HigJun 21, 2025
    risk 0.57cvss 8.8epss 0.00

    Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists…

  • CVE-2025-5478HigJun 21, 2025
    risk 0.57cvss 8.8epss 0.00

    Sony XAV-AX8500 Bluetooth SDP Protocol Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sony XAV-AX8500 devices. Authentication is not required to exploit this…

  • CVE-2025-5476HigJun 21, 2025
    risk 0.57cvss 8.8epss 0.00

    Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw…

  • CVE-2024-23934HigSep 23, 2024
    risk 0.57cvss 8.8epss 0.01

    Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability…

  • CVE-2025-5479HigJun 21, 2025
    risk 0.49cvss 7.5epss 0.00

    Sony XAV-AX8500 Bluetooth AVCTP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sony XAV-AX8500 devices. An attacker must first obtain the ability…

  • CVE-2025-5477HigJun 21, 2025
    risk 0.49cvss 7.5epss 0.00

    Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a…

  • CVE-2025-5475HigJun 21, 2025
    risk 0.49cvss 7.5epss 0.00

    Sony XAV-AX8500 Bluetooth Packet Handling Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious…

  • CVE-2024-23922MedSep 23, 2024
    risk 0.47cvss 6.8epss 0.02

    Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this…

  • CVE-2024-23972MedSep 23, 2024
    risk 0.44cvss 6.8epss 0.01

    Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this…

  • CVE-2024-23933MedSep 23, 2024
    risk 0.44cvss 6.8epss 0.01

    Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this…