Sonos — Vulnerabilities & Security Advisories (16)

Browse all 16 CVE security advisories affecting Sonos. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Sonos develops wireless multi-room audio systems for home entertainment. Historically, the company's products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from web interfaces and mobile applications. Security researchers have identified issues in firmware updates and authentication mechanisms. While no major public security incidents have been widely reported, the 16 documented CVEs highlight ongoing security challenges in IoT audio devices. The company has addressed vulnerabilities through patches, but the interconnected nature of its systems presents a persistent attack surface for potential unauthorized access or device compromise.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-4149 | Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability | Era 300 | CWE-119 | 9.8 | - | 2026-04-11 |
| CVE-2025-1051 | Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability | Era 300 | CWE-122 | 8.8 (AI) | High (AI) | 2025-06-02 |
| CVE-2025-1050 | Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability | Era 300 | CWE-787 | 8.8 | - | 2025-04-23 |
| CVE-2025-1049 | Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability | Era 300 | CWE-122 | 8.8 | - | 2025-04-23 |
| CVE-2025-1048 | Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability | Era 300 | CWE-416 | 8.8 | - | 2025-04-23 |
| CVE-2025-43916 | Sonos api.sonos.com Security Vulnerability | api.sonos.com | CWE-647 | 3.4 | Low | 2025-04-21 |
| CVE-2024-5269 | Sonos Era 100 SMB2 Message Handling Use-After-Free Remote Code Execution Vulnerability | Era 100 | CWE-416 | 8.8 (AI) | High (AI) | 2024-06-06 |
| CVE-2024-5268 | Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Read Information Disclosure Vulnerability | Era 100 | CWE-125 | 6.5 (AI) | Medium (AI) | 2024-06-06 |
| CVE-2024-5267 | Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Write Remote Code Execution Vulnerability | Era 100 | CWE-787 | 8.8 (AI) | High (AI) | 2024-06-06 |
| CVE-2024-5256 | Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability | Era 100 | CWE-191 | 6.5 (AI) | Medium (AI) | 2024-06-06 |
| CVE-2023-27352 | Sonos One Speaker Resource Management Error Vulnerability | One Speaker | CWE-416 | 8.8 | - | 2023-04-20 |
| CVE-2023-27353 | Sonos One Speaker Buffer Error Vulnerability | One Speaker | CWE-125 | 6.5 | - | 2023-04-20 |
| CVE-2023-27354 | One Speaker Input Validation Error Vulnerability | One Speaker | CWE-190 | 6.5 | - | 2023-04-20 |
| CVE-2023-27355 | Sonos One Speaker Security Vulnerability | One Speaker | CWE-121 | 8.8 | - | 2023-04-20 |
| CVE-2022-24049 | Sonos One Speaker Buffer Error Vulnerability | One Speaker | CWE-121 | 9.8 | - | 2022-02-18 |
| CVE-2022-24046 | Sonos One Speaker Numeric Error Vulnerability | One Speaker | CWE-191 | 8.8 | - | 2022-02-18 |

This page lists every published CVE security advisory associated with Sonos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.