CVE-2018-16595

6.5

MEDIUM

Sony Bravia TV Photo Sharing Plus Buffer Overflow

Description

The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow.

INFO

Published Date :

June 19, 2019, 7:15 p.m.

Last Modified :

Nov. 21, 2024, 3:53 a.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

3.6

Exploitability Score :

2.8

Affected Products

The following products are affected by CVE-2018-16595 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Sony	r5c_firmware
2	Sony	wd75_firmware
3	Sony	wd65_firmware
4	Sony	xe70_firmware
5	Sony	xf70_firmware
6	Sony	we75_firmware
7	Sony	we6_firmware
8	Sony	wf6_firmware
9	Sony	kdl-32r500c
10	Sony	kdl-32r503c
11	Sony	kdl-32r505c
12	Sony	kdl-40r550c
13	Sony	kdl-40r553c
14	Sony	kdl-40r555c
15	Sony	kdl-48r550c
16	Sony	kdl-48r553c
17	Sony	kdl-48r555c
18	Sony	kdl-32wd750
19	Sony	kdl-32wd751
20	Sony	kdl-32wd752
21	Sony	kdl-32wd753
22	Sony	kdl-32wd754
23	Sony	kdl-32wd755
24	Sony	kdl-32wd756
25	Sony	kdl-32wd757
26	Sony	kdl-32wd758
27	Sony	kdl-32wd759
28	Sony	kdl-43wd750
29	Sony	kdl-43wd751
30	Sony	kdl-43wd752
31	Sony	kdl-43wd753
32	Sony	kdl-43wd754
33	Sony	kdl-43wd755
34	Sony	kdl-43wd756
35	Sony	kdl-43wd757
36	Sony	kdl-43wd758
37	Sony	kdl-43wd759
38	Sony	kdl-49wd750
39	Sony	kdl-49wd751
40	Sony	kdl-49wd752
41	Sony	kdl-49wd753
42	Sony	kdl-49wd754
43	Sony	kdl-49wd755
44	Sony	kdl-49wd756
45	Sony	kdl-49wd757
46	Sony	kdl-49wd758
47	Sony	kdl-49wd759
48	Sony	kdl-40wd650
49	Sony	kdl-40wd653
50	Sony	kdl-40wd655
51	Sony	kdl-48wd650
52	Sony	kdl-48wd653
53	Sony	kdl-48wd655
54	Sony	kd-43xe7000
55	Sony	kd-43xe7002
56	Sony	kd-43xe7003
57	Sony	kd-43xe7004
58	Sony	kd-43xe7005
59	Sony	kd-43xe7073
60	Sony	kd-43xe7077
61	Sony	kd-43xe7093
62	Sony	kd-43xe7096
63	Sony	kd-49xe7000
64	Sony	kd-49xe7002
65	Sony	kd-49xe7003
66	Sony	kd-49xe7004
67	Sony	kd-49xe7005
68	Sony	kd-49xe7073
69	Sony	kd-49xe7077
70	Sony	kd-49xe7093
71	Sony	kd-49xe7096
72	Sony	kd-55xe7000
73	Sony	kd-55xe7002
74	Sony	kd-55xe7003
75	Sony	kd-55xe7004
76	Sony	kd-55xe7005
77	Sony	kd-55xe7073
78	Sony	kd-55xe7077
79	Sony	kd-55xe7093
80	Sony	kd-55xe7096
81	Sony	kd-65xe7002
82	Sony	kd-65xe7003
83	Sony	kd-65xe7004
84	Sony	kd-65xe7005
85	Sony	kd-65xe7093
86	Sony	kd-65xe7096
87	Sony	xf70
88	Sony	kdl-43we750
89	Sony	kdl-43we753
90	Sony	kdl-43we754
91	Sony	kdl-43we755
92	Sony	kdl-49we750
93	Sony	kdl-49we753
94	Sony	kdl-49we754
95	Sony	kdl-49we755
96	Sony	kdl-32we610
97	Sony	kdl-32we613
98	Sony	kdl-32we615
99	Sony	kdl-40we660
100	Sony	kdl-40we663
101	Sony	kdl-40we665
102	Sony	kdl-49we660
103	Sony	kdl-49we663
104	Sony	kdl-49we665
105	Sony	wf6

: Total Affected Vendor : 1 | Products : 105

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2018-16595.

URL	Resource
https://fortiguard.com/zeroday/FG-VD-18-036	Third Party Advisory
https://www.sony.co.uk/electronics/support/articles/00201041	Patch Vendor Advisory
https://fortiguard.com/zeroday/FG-VD-18-036	Third Party Advisory
https://www.sony.co.uk/electronics/support/articles/00201041	Patch Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2018-16595 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2018-16595 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

Nov. 21, 2024

Action	Type	Old Value	New Value
Added	Reference		https://fortiguard.com/zeroday/FG-VD-18-036
Added	Reference		https://www.sony.co.uk/electronics/support/articles/00201041

CVE Modified by [email protected]

May. 14, 2024

Action	Type	Old Value	New Value

Initial Analysis by [email protected]

Jun. 24, 2019

Action	Type	Old Value	New Value
Added	CVSS V2		(AV:A/AC:L/Au:N/C:N/I:N/A:P)
Added	CVSS V3		AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Changed	Reference Type	https://fortiguard.com/zeroday/FG-VD-18-036 No Types Assigned	https://fortiguard.com/zeroday/FG-VD-18-036 Third Party Advisory
Changed	Reference Type	https://www.sony.co.uk/electronics/support/articles/00201041 No Types Assigned	https://www.sony.co.uk/electronics/support/articles/00201041 Patch, Vendor Advisory
Added	CWE		CWE-119
Added	CPE Configuration		AND OR cpe:2.3:o:sony:r5c_firmware::::::::* versions up to (excluding) 8.590 OR cpe:2.3:h:sony:kdl-32r500c:-:::::::* cpe:2.3:h:sony:kdl-32r503c:-:::::::* cpe:2.3:h:sony:kdl-32r505c:-:::::::* cpe:2.3:h:sony:kdl-40r550c:-:::::::* cpe:2.3:h:sony:kdl-40r553c:-:::::::* cpe:2.3:h:sony:kdl-40r555c:-:::::::* cpe:2.3:h:sony:kdl-48r550c:-:::::::* cpe:2.3:h:sony:kdl-48r553c:-:::::::* cpe:2.3:h:sony:kdl-48r555c:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:sony:wd75_firmware::::::::* versions up to (excluding) 8.216 OR cpe:2.3:h:sony:kdl-32wd750:-:::::::* cpe:2.3:h:sony:kdl-32wd751:-:::::::* cpe:2.3:h:sony:kdl-32wd752:-:::::::* cpe:2.3:h:sony:kdl-32wd753:-:::::::* cpe:2.3:h:sony:kdl-32wd754:-:::::::* cpe:2.3:h:sony:kdl-32wd755:-:::::::* cpe:2.3:h:sony:kdl-32wd756:-:::::::* cpe:2.3:h:sony:kdl-32wd757:-:::::::* cpe:2.3:h:sony:kdl-32wd758:-:::::::* cpe:2.3:h:sony:kdl-32wd759:-:::::::* cpe:2.3:h:sony:kdl-43wd750:-:::::::* cpe:2.3:h:sony:kdl-43wd751:-:::::::* cpe:2.3:h:sony:kdl-43wd752:-:::::::* cpe:2.3:h:sony:kdl-43wd753:-:::::::* cpe:2.3:h:sony:kdl-43wd754:-:::::::* cpe:2.3:h:sony:kdl-43wd755:-:::::::* cpe:2.3:h:sony:kdl-43wd756:-:::::::* cpe:2.3:h:sony:kdl-43wd757:-:::::::* cpe:2.3:h:sony:kdl-43wd758:-:::::::* cpe:2.3:h:sony:kdl-43wd759:-:::::::* cpe:2.3:h:sony:kdl-49wd750:-:::::::* cpe:2.3:h:sony:kdl-49wd751:-:::::::* cpe:2.3:h:sony:kdl-49wd752:-:::::::* cpe:2.3:h:sony:kdl-49wd753:-:::::::* cpe:2.3:h:sony:kdl-49wd754:-:::::::* cpe:2.3:h:sony:kdl-49wd755:-:::::::* cpe:2.3:h:sony:kdl-49wd756:-:::::::* cpe:2.3:h:sony:kdl-49wd757:-:::::::* cpe:2.3:h:sony:kdl-49wd758:-:::::::* cpe:2.3:h:sony:kdl-49wd759:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:sony:wd65_firmware::::::::* versions up to (excluding) 8.216 OR cpe:2.3:h:sony:kdl-40wd650:-:::::::* cpe:2.3:h:sony:kdl-40wd653:-:::::::* cpe:2.3:h:sony:kdl-40wd655:-:::::::* cpe:2.3:h:sony:kdl-48wd650:-:::::::* cpe:2.3:h:sony:kdl-48wd653:-:::::::* cpe:2.3:h:sony:kdl-48wd655:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:sony:xe70_firmware::::::::* versions up to (excluding) 8.764 OR cpe:2.3:h:sony:kd-43xe7000:-:::::::* cpe:2.3:h:sony:kd-43xe7002:-:::::::* cpe:2.3:h:sony:kd-43xe7003:-:::::::* cpe:2.3:h:sony:kd-43xe7004:-:::::::* cpe:2.3:h:sony:kd-43xe7005:-:::::::* cpe:2.3:h:sony:kd-43xe7073:-:::::::* cpe:2.3:h:sony:kd-43xe7077:-:::::::* cpe:2.3:h:sony:kd-43xe7093:-:::::::* cpe:2.3:h:sony:kd-43xe7096:-:::::::* cpe:2.3:h:sony:kd-49xe7000:-:::::::* cpe:2.3:h:sony:kd-49xe7002:-:::::::* cpe:2.3:h:sony:kd-49xe7003:-:::::::* cpe:2.3:h:sony:kd-49xe7004:-:::::::* cpe:2.3:h:sony:kd-49xe7005:-:::::::* cpe:2.3:h:sony:kd-49xe7073:-:::::::* cpe:2.3:h:sony:kd-49xe7077:-:::::::* cpe:2.3:h:sony:kd-49xe7093:-:::::::* cpe:2.3:h:sony:kd-49xe7096:-:::::::* cpe:2.3:h:sony:kd-55xe7000:-:::::::* cpe:2.3:h:sony:kd-55xe7002:-:::::::* cpe:2.3:h:sony:kd-55xe7003:-:::::::* cpe:2.3:h:sony:kd-55xe7004:-:::::::* cpe:2.3:h:sony:kd-55xe7005:-:::::::* cpe:2.3:h:sony:kd-55xe7073:-:::::::* cpe:2.3:h:sony:kd-55xe7077:-:::::::* cpe:2.3:h:sony:kd-55xe7093:-:::::::* cpe:2.3:h:sony:kd-55xe7096:-:::::::* cpe:2.3:h:sony:kd-65xe7002:-:::::::* cpe:2.3:h:sony:kd-65xe7003:-:::::::* cpe:2.3:h:sony:kd-65xe7004:-:::::::* cpe:2.3:h:sony:kd-65xe7005:-:::::::* cpe:2.3:h:sony:kd-65xe7093:-:::::::* cpe:2.3:h:sony:kd-65xe7096:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:sony:xf70_firmware::::::::* versions up to (excluding) 8.764 OR cpe:2.3:h:sony:xf70:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:sony:we75_firmware::::::::* versions up to (excluding) 8.464 OR cpe:2.3:h:sony:kdl-43we750:-:::::::* cpe:2.3:h:sony:kdl-43we753:-:::::::* cpe:2.3:h:sony:kdl-43we754:-:::::::* cpe:2.3:h:sony:kdl-43we755:-:::::::* cpe:2.3:h:sony:kdl-49we750:-:::::::* cpe:2.3:h:sony:kdl-49we753:-:::::::* cpe:2.3:h:sony:kdl-49we754:-:::::::* cpe:2.3:h:sony:kdl-49we755:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:sony:we6_firmware::::::::* versions up to (excluding) 8.464 OR cpe:2.3:h:sony:kdl-32we610:-:::::::* cpe:2.3:h:sony:kdl-32we613:-:::::::* cpe:2.3:h:sony:kdl-32we615:-:::::::* cpe:2.3:h:sony:kdl-40we660:-:::::::* cpe:2.3:h:sony:kdl-40we663:-:::::::* cpe:2.3:h:sony:kdl-40we665:-:::::::* cpe:2.3:h:sony:kdl-49we660:-:::::::* cpe:2.3:h:sony:kdl-49we663:-:::::::* cpe:2.3:h:sony:kdl-49we665:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:sony:wf6_firmware::::::::* versions up to (excluding) 8.464 OR cpe:2.3:h:sony:wf6:-:::::::*

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2018-16595 is associated with the following CWEs:

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2018-16595 weaknesses.

CAPEC-8: Buffer Overflow in an API Call Buffer Overflow in an API Call CAPEC-9: Buffer Overflow in Local Command-Line Utilities Buffer Overflow in Local Command-Line Utilities CAPEC-10: Buffer Overflow via Environment Variables Buffer Overflow via Environment Variables CAPEC-14: Client-side Injection-induced Buffer Overflow Client-side Injection-induced Buffer Overflow CAPEC-24: Filter Failure through Buffer Overflow Filter Failure through Buffer Overflow CAPEC-42: MIME Conversion MIME Conversion CAPEC-44: Overflow Binary Resource File Overflow Binary Resource File CAPEC-45: Buffer Overflow via Symbolic Links Buffer Overflow via Symbolic Links CAPEC-46: Overflow Variables and Tags Overflow Variables and Tags CAPEC-47: Buffer Overflow via Parameter Expansion Buffer Overflow via Parameter Expansion CAPEC-100: Overflow Buffers Overflow Buffers CAPEC-123: Buffer Manipulation Buffer Manipulation

CVE-2018-16595

Sony Bravia TV Photo Sharing Plus Buffer Overflow

Description

INFO

June 19, 2019, 7:15 p.m.

Nov. 21, 2024, 3:53 a.m.

[email protected]

No

3.6

2.8

Affected Products

References to Advisories, Solutions, and Tools

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

CVE Modified by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

0.07 }} 0.00%

0.26855

CVSS30 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable