May 30, 2023Ravi LakshmananZero-day/vulnerability

Multiple security flaws discovered in the Sonos One wireless speaker can be exploited to accomplish information disclosure and remote code execution (Zero Day Initiative (ZDI)). Said In a report released last week.

This vulnerability was demonstrated at the Pwn2Own hacking contest in Toronto late last year by three different teams: Qrious Secure, STAR Labs, and DEVCORE, which won a prize of $105,000.

Below is a list of four defects affecting the Sonos One Speaker 70.3-35220.

  • CVE-2023-27352 and CVE-2023-27355 (CVSS score: 8.8) – Unauthenticated flaw allows network-adjacent attackers to execute arbitrary code on affected installations.
  • CVE-2023-27353 and CVE-2023-27354 (CVSS score: 6.5) – An unauthenticated flaw could allow a network-adjacent attacker to disclose sensitive information on the affected installation.

CVE-2023-27352 occurs when processing SMB directory query commands, while CVE-2023-27355 resides within the MPEG-TS parser.

upcoming webinars

Zero Trust + Deception: Learn How to Outsmart Attackers!

See how Deception can detect advanced threats, stop lateral movement, and strengthen your Zero Trust strategy. Join us for an insightful webinar!

Reserve your seat!

Successful exploitation of both shortcomings could allow an attacker to execute arbitrary code in the context of the root user.

Both information disclosure flaws can be individually combined with other flaws in the system to allow code execution with elevated privileges.

Following responsible disclosure on December 29, 2022, this flaw has been addressed by Sonos as part of Sonos S2 and S1 software versions 15.1 and 11.7.1 respectively. We recommend applying the latest patches to reduce potential risks.

Did you enjoy this article? Follow us twitter and LinkedIn To read more of the exclusive content we post.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog