Vulnerability CVE-2019-11889


Published: 2019-07-09

Description:
Sony BRAVIA Smart TV devices allow remote attackers to cause a denial of service (device hang) via a crafted web page over HbbTV.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Sony BRAVIA Smart TV Denial Of Service
xen1thLabs
09.07.2019

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
SONY -> Bravia firmware 

 References:
http://packetstormsecurity.com/files/153547/Sony-BRAVIA-Smart-TV-Denial-Of-Service.html
http://seclists.org/fulldisclosure/2019/Jul/8
https://www.darkmatter.ae/xen1thlabs/sony-remote-denial-of-service-triggered-over-vulnerability-hbbtv-xl-19-014/
https://www.first.org/members/teams/sony_psirt

Copyright 2020, cxsecurity.com

 

Back to Top