Sony XAV-AX8500 Bluetooth SDP Protocol Integer Overflow Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in the Sony XAV-AX8500 Bluetooth system. This issue arises from an integer overflow in the Bluetooth Service Discovery Protocol (SDP) implementation, caused by inadequate validation of user-supplied data. As a result, network-adjacent attackers can execute arbitrary code on the device with root privileges. No authentication is required to exploit this vulnerability.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected device, with the executed code running in the context of the root user.

Remediation

Sony has released a firmware update to address this vulnerability. The update can be downloaded from the Sony support website for the XAV-AX8500 model. Users can update the firmware via the Internet using USB tethering with their smartphone or by using a USB storage device and their computer.