← back
CVE-2022-23747

CVE-2022-23747

EPSS 10.0%CWE-120
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 10.0%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
17 Aug 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.
Affected products
n/a · Sony Xperia

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cpr-zero.checkpoint.com/vulns/cprid-2191/https://research.checkpoint.com/2022/bad-alac-one-codec-to-hack-the-whole-world/