Researchers from NCC Group have identified vulnerabilities in Sonos smart speakers that could allow attackers to eavesdrop on users [1] [2].
Description
The flaws affect devices running software earlier than Sonos S2 release 15.9 and Sonos S1 release 11.12 [1] [2]; those releases shipped in October and November 2023 [2]. One of the vulnerabilities [1], tracked as CVE-2023-50809 [4], is a memory corruption flaw in the wireless driver that enables remote code execution on Sonos One devices during a WPA2 four-way handshake. It allows an attacker within Wi-Fi range to take control of the device and potentially record and exfiltrate audio. The other vulnerability, CVE-2023-50810 [1] [2] [3] [4], is in the U-Boot component of the Sonos Era-100 firmware and permits arbitrary code execution with Linux kernel privileges, leading to privilege escalation and compromising the security of the device. Mitigating risks of this kind requires verifying the security standard of OEM components and thoroughly testing every attack surface.
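To act on the affected-version statement above, the following added example (not code from NCC Group, Sonos, or the cited articles) audits a device inventory against the fixed releases named on this page. The CSV layout, the device names, and the function names are assumptions made for illustration.

```python
import csv
import io

# First fixed release per software generation, as stated on this page.
FIXED = {"S1": (11, 12), "S2": (15, 9)}


def parse_release(text):
    """Turn '15.9' into (15, 9); return None for missing or malformed input."""
    try:
        return tuple(int(part) for part in text.strip().split("."))
    except (AttributeError, ValueError):
        return None


def classify(generation, release):
    """Return 'vulnerable', 'patched', or 'unknown' for one device."""
    fixed = FIXED.get(generation)
    parsed = parse_release(release)
    if fixed is None or parsed is None:
        return "unknown"  # never report an unparseable device as patched
    # Tuples compare numerically, so 11.9 sorts before 11.12 and 15.10
    # after 15.9; a plain string comparison gets both of those wrong.
    return "vulnerable" if parsed < fixed else "patched"


def audit(inventory_csv):
    """Map device name -> status for a CSV with name,generation,release."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {
        row["name"]: classify(
            (row.get("generation") or "").strip().upper(), row.get("release")
        )
        for row in rows
    }


# Constructed sample inventory (hypothetical devices, assumed export format).
SAMPLE = """name,generation,release
kitchen-one,S2,15.8
office-era100,S2,15.10
den-play5,S1,11.9
hall-one,S1,11.12
lab-unknown,S2,beta
"""

if __name__ == "__main__":
    for name, status in audit(SAMPLE).items():
        print(f"{name}: {status}")
```

Devices reported as "unknown" need a manual check of the release shown in the Sonos app.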
Conclusion
These vulnerabilities pose a serious threat to the security and privacy of Sonos smart speaker users. It is imperative for Sonos to address these issues promptly through software updates and patches. Users, for their part, should stay vigilant and keep their devices up to date with the latest security measures to protect against potential attacks. Moving forward, manufacturers must prioritize security in the development of IoT devices to prevent similar vulnerabilities from being exploited in the future.
References
[1] https://thehackernews.com/2024/08/new-flaws-in-sonos-smart-speakers-allow.html
[2] https://patabook.com/technology/2024/08/09/new-flaws-in-sonos-smart-speakers-allow-hackers-to-eavesdrop-on-users/
[3] https://vulners.com/thn/THN:F89E0B23E308372D0CF2E1F03C9D7684
[4] https://securityaffairs.com/166823/hacking/sonos-smart-speakers-flaw.html