Vulnerability Description
SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerability that someone within the Bluetooth range can make the Bluetooth pairing and operate such as changing volume of the product.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sony | Wf-1000X Firmware | - |
| Sony | Wf-1000X | - |
| Sony | Wf-Sp700N Firmware | - |
| Sony | Wf-Sp700N | - |
| Sony | Wh-1000Xm2 Firmware | - |
| Sony | Wh-1000Xm2 | - |
| Sony | Wh-1000Xm3 Firmware | - |
| Sony | Wh-1000Xm3 | - |
| Sony | Wh-Ch700N Firmware | - |
| Sony | Wh-Ch700N | - |
| Sony | Wh-H900N Firmware | - |
| Sony | Wh-H900N | - |
| Sony | Wh-Xb700 Firmware | - |
| Sony | Wh-Xb700 | - |
| Sony | Wh-Xb900N Firmware | - |
| Sony | Wh-Xb900N | - |
| Sony | Wi-1000X Firmware | - |
| Sony | Wi-1000X | - |
| Sony | Wi-C600N Firmware | - |
| Sony | Wi-C600N | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN67447798/Third Party Advisory
- https://www.sony.com/electronics/support/audio-video-headphonesVendor Advisory
- https://jvn.jp/en/jp/JVN67447798/Third Party Advisory
- https://www.sony.com/electronics/support/audio-video-headphonesVendor Advisory
FAQ
What is CVE-2020-5589?
CVE-2020-5589 is a vulnerability with a CVSS score of 8.8 (HIGH). SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerabilit...
How severe is CVE-2020-5589?
CVE-2020-5589 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5589?
Check the references section above for vendor advisories and patch information. Affected products include: Sony Wf-1000X Firmware, Sony Wf-1000X, Sony Wf-Sp700N Firmware, Sony Wf-Sp700N, Sony Wh-1000Xm2 Firmware.