How severe is CVE-2022-24046?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2022-24046?

This is classified as CWE-191, which is a common weakness in software security.

CVE-2022-24046

CRITICAL Year: 2022

CVSS v3 Score

9.8

Critical

CVSS v2 Score

8.3

High

Weakness Type

CWE-191

View all →

Vulnerability Description

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists within the anacapd daemon. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15828.

CVE-2005-0199

CRITICAL

CVSS:9.8(Critical)

Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a ...

CWE-1912005

CVE-2015-0537

CRITICAL

CVSS:9.8(Critical)

Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before 4.0....

CWE-1912015

CVE-2015-2311

CRITICAL

CVSS:9.8(Critical)

Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow remote peers to cause a denial of service or possibly obtain sensitive information from memory or execute...

CWE-1912015

CVE-2015-9129

CRITICAL

CVSS:9.8(Critical)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 4...

CWE-1912015

CVE-2015-9167

CRITICAL

CVSS:9.8(Critical)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650...

CWE-1912015

CVE-2015-9198

CRITICAL

CVSS:9.8(Critical)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, M...

CWE-1912015

CVE-2022-24046

Vulnerability Description

Related Vulnerabilities

CVE-2005-0199

CVE-2015-0537

CVE-2015-2311

CVE-2015-9129

CVE-2015-9167

CVE-2015-9198