Bluetooth Vulnerability in Sony Wireless Headphones
CVE-2020-5589

8.8HIGH

Key Information:

Vendor: Sony Corporation
Status: Sony Wireless Headphones Wf-1000x, Wf-sp700n, Wh-1000xm2, Wh-1000xm3, Wh-ch700n, Wh-h900n, Wh-xb700, Wh-xb900n, Wi-1000x, Wi-c600n, Wi-sp600n
Vendor: CVE Published:; 9 June 2020

🔔 Create Sony Corporation Vulnerability Alert

What is CVE-2020-5589?

Certain models of Sony Wireless Headphones have a Bluetooth vulnerability that allows unauthorized access by individuals within Bluetooth range. This can potentially enable others to control specific functions, like adjusting the volume, without the user's consent. Affected models have firmware versions older than 4.5.2, making it crucial for users to update their devices to the latest firmware to ensure security and privacy.

Affected Version(s)

Sony wireless headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N, WI-SP600N firmware versions prior to 4.5.2

References

https://www.sony.com/electronics/support/audio-video-head...

x_refsource_MISC

https://jvn.jp/en/jp/JVN67447798/

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2020
Vulnerability Reserved
Jan 6, 2020