Skip to main content

Era 300

1 CVEs product

Monthly

CVE-2026-4149 CRITICAL Act Now

Remote code execution in Sonos Era 300 smart speakers (build 17.5/91.0-70070) allows unauthenticated network attackers to execute arbitrary kernel-level code via malformed SMB server responses. The vulnerability achieves maximum CVSS 10.0 severity due to network accessibility without authentication, low complexity, and kernel-level code execution with scope change. EPSS indicates 1.27% exploitation probability (80th percentile), suggesting moderate real-world risk. No active exploitation confirmed at time of analysis, though ZDI publication increases weaponization likelihood.

RCE Buffer Overflow Era 300
NVD VulDB
CVSS 3.1
9.8
EPSS
1.3%
EPSS 1% CVSS 9.8
CRITICAL Act Now

Remote code execution in Sonos Era 300 smart speakers (build 17.5/91.0-70070) allows unauthenticated network attackers to execute arbitrary kernel-level code via malformed SMB server responses. The vulnerability achieves maximum CVSS 10.0 severity due to network accessibility without authentication, low complexity, and kernel-level code execution with scope change. EPSS indicates 1.27% exploitation probability (80th percentile), suggesting moderate real-world risk. No active exploitation confirmed at time of analysis, though ZDI publication increases weaponization likelihood.

RCE Buffer Overflow Era 300
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy