Sonos: Security vulnerabilities jeopardize several speaker systems
Attackers can exploit security vulnerabilities in Sonos speaker systems to inject malicious code. Updates are available.
(Image: Created with AI in Bing Creator by heise online / dmk)
Attackers can abuse security vulnerabilities in Sonos speaker systems to inject malicious code and execute it on the speakers. Updates are available.
Trend Micro's Zero-Day Initiative (ZDI) and Sonos have now published coordinated information on a total of three vulnerabilities. All three narrowly miss being classified as critical security risks and can be exploited without prior authentication.
Sonos: Three high-risk security vulnerabilities
The first of the newly reported security holes stems from a missing check, when processing SMB data (i.e., from Windows network shares), of whether an object even exists before the Sonos software performs operations on it (CVE-2025-1048, CVSS 8.8, risk “high”). Somewhat unexpected is a security-relevant problem in the processing of ID3 tags, such as those contained in MP3 files. The length of user-supplied data is not sufficiently checked before it is copied to a buffer on the heap. The resulting heap buffer overflow allows malicious code to be injected and executed in the context of the user “anacapa” (CVE-2025-1049, CVSS 8.8, risk “high”).
The situation is similar when processing HLS playlist data. Here, too, the length of user-supplied data is not properly checked, which allows writes beyond the end of an allocated data structure and, in turn, lets smuggled-in malicious code run involuntarily as the user “anacapa” (CVE-2025-1050, CVSS 8.8, risk “high”).
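Both the ID3 and HLS flaws share the same root cause: a size field taken from the file drives a copy into a heap buffer without being compared against the destination's capacity. The following C snippet is a constructed illustration added here, not Sonos code or ZDI proof-of-concept material; the frame layout is plain ID3v2.3 (4-byte ID, 4-byte big-endian size, 2 flag bytes), and `TAG_BUF_CAP` and the return codes are assumptions for the example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed illustration of an ID3v2.3 frame copy; not Sonos code. */
#define ID3_FRAME_HDR 10
#define TAG_BUF_CAP   64   /* assumed size of the heap buffer the payload lands in */

static uint32_t frame_size(const uint8_t *hdr) {
    return ((uint32_t)hdr[4] << 24) | ((uint32_t)hdr[5] << 16) |
           ((uint32_t)hdr[6] << 8) | hdr[7];
}

/* Vulnerable pattern (the bug class described above): the file-controlled
 * size field drives memcpy with no comparison against the destination
 * capacity, so a crafted tag overruns the heap allocation. Never call this. */
int copy_frame_unchecked(const uint8_t *in, size_t in_len, char *out) {
    if (in_len < ID3_FRAME_HDR) return -1;
    uint32_t n = frame_size(in);
    memcpy(out, in + ID3_FRAME_HDR, n);   /* n may far exceed TAG_BUF_CAP */
    return (int)n;
}

/* Hardened form: bound the claimed size by both the bytes actually present
 * in the input and the destination capacity before copying anything. */
int copy_frame_checked(const uint8_t *in, size_t in_len, char *out, size_t out_cap) {
    if (in_len < ID3_FRAME_HDR) return -1;
    uint32_t n = frame_size(in);
    if (n > in_len - ID3_FRAME_HDR) return -2;  /* size claims more than the file holds */
    if (n >= out_cap) return -3;                /* payload would overflow destination */
    memcpy(out, in + ID3_FRAME_HDR, n);
    out[n] = '\0';
    return (int)n;
}

/* Constructed TIT2 frame. mode 0: honest 5-byte payload; mode 1: size field
 * claims 0x7fffffff bytes; mode 2: 100-byte payload larger than the buffer. */
int demo_checked(int mode) {
    uint8_t frame[ID3_FRAME_HDR + 100];
    memset(frame, 'A', sizeof frame);
    memcpy(frame, "TIT2", 4);
    frame[8] = frame[9] = 0;   /* flags */
    uint32_t n = (mode == 0) ? 5u : (mode == 1) ? 0x7fffffffu : 100u;
    frame[4] = (uint8_t)(n >> 24); frame[5] = (uint8_t)(n >> 16);
    frame[6] = (uint8_t)(n >> 8);  frame[7] = (uint8_t)n;
    size_t in_len = (mode == 0) ? ID3_FRAME_HDR + 5 : sizeof frame;
    char *buf = malloc(TAG_BUF_CAP);
    int rc = copy_frame_checked(frame, in_len, buf, TAG_BUF_CAP);
    free(buf);
    return rc;
}
```

The same two bounds (input remaining, destination capacity) apply to the HLS playlist case, where the length comes from a text field rather than a binary header.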
The ZDI's vulnerability entries describe the flaws for the Sonos Era 300 systems. However, a now publicly available security advisory from Sonos explains that all Sonos S1 and S2 systems are affected, more specifically system releases prior to v16.6 (build 83.1-61240) and Sonos S1 system releases v11.15.1 (build 57.22-61162). The vulnerabilities were discovered during the Pwn2Own 2024 event in Ireland. A Sonos guide explains how users can install the available updates.
Last year, Sonos struggled with a failed launch of the new Sonos app. A seven-point catalog of measures should help to improve processes and regain the trust of the community.
(dmk)