Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for vaio_update by sony

    CVE-2019-5982 (GCVE-0-2019-5982)

    Vulnerability from nvd – Published: 2019-07-05 13:20 – Updated: 2024-08-04 20:09
    VLAI
    Summary
    Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed.
    Severity
    No CVSS data available.
    CWE
    • Improper File Verification
    Assigner
    References
    Impacted products
    Vendor Product Version
    Sony Corporation VAIO Update Affected: 7.3.0.03150 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:09:24.026Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.sony.com/electronics/support/articles/00228777"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VAIO Update",
              "vendor": "Sony Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.3.0.03150 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper File Verification",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-05T13:20:18.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.sony.com/electronics/support/articles/00228777"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2019-5982",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VAIO Update",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.3.0.03150 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Sony Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper File Verification"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.sony.com/electronics/support/articles/00228777",
                  "refsource": "MISC",
                  "url": "https://www.sony.com/electronics/support/articles/00228777"
                },
                {
                  "name": "https://jvn.jp/en/jp/JVN13555032/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2019-5982",
        "datePublished": "2019-07-05T13:20:18.000Z",
        "dateReserved": "2019-01-10T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:09:24.026Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5981 (GCVE-0-2019-5981)

    Vulnerability from nvd – Published: 2019-07-05 13:20 – Updated: 2024-08-04 20:09
    VLAI
    Summary
    Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Improper Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    Sony Corporation VAIO Update Affected: 7.3.0.03150 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:09:23.992Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.sony.com/electronics/support/articles/00228777"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VAIO Update",
              "vendor": "Sony Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.3.0.03150 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Authorization",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-05T13:20:17.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.sony.com/electronics/support/articles/00228777"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2019-5981",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VAIO Update",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.3.0.03150 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Sony Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.sony.com/electronics/support/articles/00228777",
                  "refsource": "MISC",
                  "url": "https://www.sony.com/electronics/support/articles/00228777"
                },
                {
                  "name": "https://jvn.jp/en/jp/JVN13555032/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2019-5981",
        "datePublished": "2019-07-05T13:20:17.000Z",
        "dateReserved": "2019-01-10T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:09:23.992Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5982 (GCVE-0-2019-5982)

    Vulnerability from cvelistv5 – Published: 2019-07-05 13:20 – Updated: 2024-08-04 20:09
    VLAI
    Summary
    Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed.
    Severity
    No CVSS data available.
    CWE
    • Improper File Verification
    Assigner
    References
    Impacted products
    Vendor Product Version
    Sony Corporation VAIO Update Affected: 7.3.0.03150 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:09:24.026Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.sony.com/electronics/support/articles/00228777"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VAIO Update",
              "vendor": "Sony Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.3.0.03150 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper File Verification",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-05T13:20:18.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.sony.com/electronics/support/articles/00228777"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2019-5982",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VAIO Update",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.3.0.03150 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Sony Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper File Verification"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.sony.com/electronics/support/articles/00228777",
                  "refsource": "MISC",
                  "url": "https://www.sony.com/electronics/support/articles/00228777"
                },
                {
                  "name": "https://jvn.jp/en/jp/JVN13555032/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2019-5982",
        "datePublished": "2019-07-05T13:20:18.000Z",
        "dateReserved": "2019-01-10T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:09:24.026Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5981 (GCVE-0-2019-5981)

    Vulnerability from cvelistv5 – Published: 2019-07-05 13:20 – Updated: 2024-08-04 20:09
    VLAI
    Summary
    Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Improper Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    Sony Corporation VAIO Update Affected: 7.3.0.03150 and earlier
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:09:23.992Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.sony.com/electronics/support/articles/00228777"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VAIO Update",
              "vendor": "Sony Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.3.0.03150 and earlier"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Authorization",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-05T13:20:17.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.sony.com/electronics/support/articles/00228777"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2019-5981",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VAIO Update",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.3.0.03150 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Sony Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.sony.com/electronics/support/articles/00228777",
                  "refsource": "MISC",
                  "url": "https://www.sony.com/electronics/support/articles/00228777"
                },
                {
                  "name": "https://jvn.jp/en/jp/JVN13555032/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/en/jp/JVN13555032/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2019-5981",
        "datePublished": "2019-07-05T13:20:17.000Z",
        "dateReserved": "2019-01-10T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:09:23.992Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }