Vulnerability Description
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection.
CVSS Score
8.8
HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sony | R5C Firmware | < 8.590 |
| Sony | Kdl-32R500C | - |
| Sony | Kdl-32R503C | - |
| Sony | Kdl-32R505C | - |
| Sony | Kdl-40R550C | - |
| Sony | Kdl-40R553C | - |
| Sony | Kdl-40R555C | - |
| Sony | Kdl-48R550C | - |
| Sony | Kdl-48R553C | - |
| Sony | Kdl-48R555C | - |
| Sony | Wd75 Firmware | < 8.216 |
| Sony | Kdl-32Wd750 | - |
| Sony | Kdl-32Wd751 | - |
| Sony | Kdl-32Wd752 | - |
| Sony | Kdl-32Wd753 | - |
| Sony | Kdl-32Wd754 | - |
| Sony | Kdl-32Wd755 | - |
| Sony | Kdl-32Wd756 | - |
| Sony | Kdl-32Wd757 | - |
| Sony | Kdl-32Wd758 | - |
Related Weaknesses (CWE)
References
- https://fortiguard.com/zeroday/FG-VD-18-036Third Party Advisory
- https://www.sony.co.uk/electronics/support/articles/00201041PatchVendor Advisory
- https://fortiguard.com/zeroday/FG-VD-18-036Third Party Advisory
- https://www.sony.co.uk/electronics/support/articles/00201041PatchVendor Advisory
FAQ
What is CVE-2018-16593?
CVE-2018-16593 is a vulnerability with a CVSS score of 8.8 (HIGH). The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection.
How severe is CVE-2018-16593?
CVE-2018-16593 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-16593?
Check the references section above for vendor advisories and patch information. Affected products include: Sony R5C Firmware, Sony Kdl-32R500C, Sony Kdl-32R503C, Sony Kdl-32R505C, Sony Kdl-40R550C.