Bluetooth L2CAP Protocol Vulnerability in Sony XAV-AX8500
CVE-2025-5477
Currently unrated
What is CVE-2025-5477?
The Sony XAV-AX8500 is affected by a Bluetooth vulnerability stemming from a flaw in the L2CAP protocol implementation. This vulnerability arises from inadequate validation of the data length when it is supplied by the user, allowing an attacker to exploit the heap-based buffer overflow. Once a malicious Bluetooth device is paired with the target, an attacker can execute arbitrary code in the context of the elysian-bt-service process, compromising the affected device's security.