PT-2020-18563 · Sony · Wh-Xb700+10

Published

2020-06-09

Updated

2020-06-23

CVE-2020-5589

CVSS v2.0

8.3

High

Vector

AV:A/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N versions prior to 4.5.2

Description The issue allows someone within the Bluetooth range to make unauthorized Bluetooth pairing and operate the headphones, such as changing the volume.

Recommendations For SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N versions prior to 4.5.2, update the firmware to version 4.5.2 or later to resolve the issue.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2020-5589

Affected Products

Wf-1000X

Wf-Sp700N

Wh-1000Xm2

Wh-1000Xm3

Wh-Ch700N

Wh-H900N

Wh-Xb700

Wh-Xb900N

Wi-1000X

Wi-C600N

Wi-Sp600N

PT-2020-18563 · Sony · Wh-Xb700+10

CVE-2020-5589

Weakness Enumeration

Related Identifiers

Affected Products

References · 4