Sony XAV-AX8500 Bluetooth Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability has been identified in the Sony XAV-AX8500 Bluetooth system. The issue arises from improper isolation in the implementation of ACL-U links, which allows network-adjacent attackers to bypass authentication. The underlying flaw is a lack of L2CAP channel isolation, which enables unauthorized access to the system.

Impact

Exploitation of this vulnerability allows for authentication bypass on the affected device, potentially leading to unauthorized access or actions within the system.

Remediation

Sony has released a firmware update to address this vulnerability. The update can be downloaded from the Sony support website for the XAV-AX8500 model. Users should ensure that the date and time are correctly set before and after the update process.

Added: Jun 21, 2025, 1:25 AM
Updated: Jun 21, 2025, 1:25 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 4.9
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.