Remote Code Execution Vulnerability in Sony XAV-AX8500 Bluetooth Protocol
CVE-2025-5478
Currently unrated
What is CVE-2025-5478?
A remote code execution vulnerability exists in the Bluetooth SDP protocol of the Sony XAV-AX8500 device due to improper validation of user-supplied data. This vulnerability allows network-adjacent attackers to execute arbitrary code, potentially gaining root access, without requiring any authentication. Exploitation can lead to significant security risks, making it essential for users to take appropriate measures to secure their devices.