Heap-based Buffer Overflow in Sonos Era 300 Speakers
CVE-2025-1051

8.8HIGH

Key Information:

Vendor: Sonos
Status: Era 300
Vendor: CVE Published:; 2 June 2025

What is CVE-2025-1051?

A critical vulnerability has been identified within the Sonos Era 300 speakers, which is primarily due to improper validation of user-supplied data in the processing of ALAC audio data. This flaw allows network-adjacent attackers to potentially execute arbitrary code on the device without any authentication required. By exploiting this buffer overflow, attackers can manipulate the heap memory, leading to unauthorized operations and control over the affected speaker. This poses significant risks to user privacy and device integrity.

Affected Version(s)

Era 300 81.1-58074

References

https://www.zerodayinitiative.com/advisories/ZDI-25-311/

x_research-advisory

CVSS V3.0

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2025
Vulnerability Reserved
Feb 4, 2025