#SonosSecurity

New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users

by

August 9, 2024 at 10:21AM Cybersecurity researchers discovered vulnerabilities in Sonos smart speakers that could be exploited by attackers to eavesdrop on users, impacting all versions prior to Sonos S2 release 15.9 and Sonos S1 release 11.12. These findings were presented at Black Hat USA 2024 and reveal two security defects, CVE-2023-50809 and CVE-2023-50810, compromising … Read more

Vulnerability Allowed Eavesdropping via Sonos Smart Speakers

by

August 9, 2024 at 05:12AM NCC Group researchers disclosed vulnerabilities in Sonos smart speakers, including a flaw allowing eavesdropping on users (CVE-2023-50809). Exploiting this through Wi-Fi could allow remote code execution and audio recording. Sonos and MediaTek released patches. Additional flaws in secure boot were discovered. Details are available in NCC Group’s whitepaper and accompanying … Read more