Sonos S1/S2 Firmware Persistent Code Execution Vulnerabilities (CVE-2023-50810/50809) Advisory

Security Advisory: 2024-0001 Advisory ID: SSA-2024-0001 Severity: High Issue Date: 2024-08-01 CVE(s): CVE-2023-50810, CVE-2023-50809 Synopsis: Recent software updates address multiple security vulnerabilities (CVE-2023-50810, CVE-2023-50809) 1. Impacted Products All S1 and S2 Systems. Affected versions: All releases prior to Sonos S2 release 15.9, and Sonos S1 release 11.12 2. Introduction Multiple vulnerabilities were privately reported to Sonos. Updates are available to remediate these vulnerabilities in affected Sonos products. 3. Persistent Code Execution (CVE-2023-50810) Description: A vulnerability exists in the U-Boot component of the firmware which would allow for persistent arbitrary code execution with Linux kernel privileges. Known Attack Vectors: A malicious actor with physical access to the device or by obtaining write access to the flash memory through a separate runtime vulnerability may be able to exploit this. Resolution: To remediate CVE-2023-50810 apply the update Sonos S2 release 15.9 Workarounds: None Additional Documentation: None Notes: None 4. Persistent Code Execution (CVE-2023-50809) Description: A low-privileged, close-proximity attacker could exploit this vulnerability to remotely execute arbitrary code. Resolution: To remediate CVE-2023-50809 apply the update Sonos S2 release 15.9 Workarounds: None Additional Documentation: The link to the MediaTek driver security advisory lives here: Notes: None Acknowledgments: Sonos would like to thank Alexander Plaskett and NCC Group for their responsible disclosure by reporting this issue to us.

Goal Reached Thanks to every supporter — we hit 100%!

Sonos S1/S2 Firmware Persistent Code Execution Vulnerabilities (CVE-2023-50810/50809) Advisory