CVE-2019-11336 : Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi

Products affected by CVE-2019-11336

Sony » Photo Sharing Plus
Versions before (<) pkg6.5629
cpe:2.3:a:sony:photo_sharing_plus:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sony » Kdl-50w800c » Version: N/A
When used together with: Sony » Kdl-50w805c » Version: N/A
When used together with: Sony » Kdl-50w807c » Version: N/A
When used together with: Sony » Kdl-50w809c » Version: N/A
When used together with: Sony » Kdl-50w820c » Version: N/A
When used together with: Sony » Kdl-55w800c » Version: N/A
When used together with: Sony » Kdl-55w805c » Version: N/A
When used together with: Sony » Kdl-65w850c » Version: N/A
When used together with: Sony » Kdl-65w855c » Version: N/A
When used together with: Sony » Kdl-65w857c » Version: N/A
When used together with: Sony » Kdl-75w850c » Version: N/A
When used together with: Sony » Kdl-75w855c » Version: N/A
When used together with: Sony » X7500d » Version: N/A
When used together with: Sony » Xbr-100z9d » Version: N/A
When used together with: Sony » Xbr-43x800d » Version: N/A
When used together with: Sony » Xbr-43x800e » Version: N/A
When used together with: Sony » Xbr-43x830c » Version: N/A
When used together with: Sony » Xbr-49x700d » Version: N/A
When used together with: Sony » Xbr-49x800c » Version: N/A
When used together with: Sony » Xbr-49x800d » Version: N/A
When used together with: Sony » Xbr-49x800e » Version: N/A
When used together with: Sony » Xbr-49x830c » Version: N/A
When used together with: Sony » Xbr-49x835c » Version: N/A
When used together with: Sony » Xbr-49x835d » Version: N/A
When used together with: Sony » Xbr-49x837c » Version: N/A
When used together with: Sony » Xbr-49x839c » Version: N/A
When used together with: Sony » Xbr-49x900e » Version: N/A
When used together with: Sony » Xbr-55a1e » Version: N/A
When used together with: Sony » Xbr-55x700d » Version: N/A
When used together with: Sony » Xbr-55x800e » Version: N/A
When used together with: Sony » Xbr-55x805c » Version: N/A
When used together with: Sony » Xbr-55x806e » Version: N/A
When used together with: Sony » Xbr-55x807c » Version: N/A
When used together with: Sony » Xbr-55x809c » Version: N/A
When used together with: Sony » Xbr-55x810c » Version: N/A
When used together with: Sony » Xbr-55x850c » Version: N/A
When used together with: Sony » Xbr-55x850d » Version: N/A
When used together with: Sony » Xbr-55x855c » Version: N/A
When used together with: Sony » Xbr-55x855d » Version: N/A
When used together with: Sony » Xbr-55x857c » Version: N/A
When used together with: Sony » Xbr-55x857d » Version: N/A
When used together with: Sony » Xbr-55x900c » Version: N/A
When used together with: Sony » Xbr-55x900e » Version: N/A
When used together with: Sony » Xbr-55x905c » Version: N/A
When used together with: Sony » Xbr-55x907c » Version: N/A
When used together with: Sony » Xbr-55x930d » Version: N/A
When used together with: Sony » Xbr-55x930e » Version: N/A
When used together with: Sony » Xbr-65a1e » Version: N/A
When used together with: Sony » Xbr-65x750d » Version: N/A
When used together with: Sony » Xbr-65x800c » Version: N/A
When used together with: Sony » Xbr-65x805c » Version: N/A
When used together with: Sony » Xbr-65x807c » Version: N/A
When used together with: Sony » Xbr-65x809c » Version: N/A
When used together with: Sony » Xbr-65x810c » Version: N/A
When used together with: Sony » Xbr-65x850c » Version: N/A
When used together with: Sony » Xbr-65x850d » Version: N/A
When used together with: Sony » Xbr-65x850e » Version: N/A
When used together with: Sony » Xbr-65x855c » Version: N/A
When used together with: Sony » Xbr-65x855d » Version: N/A
When used together with: Sony » Xbr-65x857c » Version: N/A
When used together with: Sony » Xbr-65x857d » Version: N/A
When used together with: Sony » Xbr-65x900c » Version: N/A
When used together with: Sony » Xbr-65x900e » Version: N/A
When used together with: Sony » Xbr-65x905c » Version: N/A
When used together with: Sony » Xbr-65x907c » Version: N/A
When used together with: Sony » Xbr-65x930c » Version: N/A
When used together with: Sony » Xbr-65x930d » Version: N/A
When used together with: Sony » Xbr-65x930e » Version: N/A
When used together with: Sony » Xbr-65x935d » Version: N/A
When used together with: Sony » Xbr-65x937d » Version: N/A
When used together with: Sony » Xbr-65z9d » Version: N/A
When used together with: Sony » Xbr-75x850c » Version: N/A
When used together with: Sony » Xbr-75x850d » Version: N/A
When used together with: Sony » Xbr-75x850e » Version: N/A
When used together with: Sony » Xbr-75x855c » Version: N/A
When used together with: Sony » Xbr-75x855d » Version: N/A
When used together with: Sony » Xbr-75x857d » Version: N/A
When used together with: Sony » Xbr-75x900e » Version: N/A
When used together with: Sony » Xbr-75x910c » Version: N/A
When used together with: Sony » Xbr-75x940c » Version: N/A
When used together with: Sony » Xbr-75x940d » Version: N/A
When used together with: Sony » Xbr-75x940e » Version: N/A
When used together with: Sony » Xbr-75x945c » Version: N/A
When used together with: Sony » Xbr-75z9d » Version: N/A
When used together with: Sony » Xbr-77a1e » Version: N/A
When used together with: Sony » Xbr-85x850d » Version: N/A
When used together with: Sony » Xbr-85x855d » Version: N/A
When used together with: Sony » Xbr-85x857d » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2019-11336

EPSS FAQ

3.33%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 86 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-11336

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
8.1	HIGH	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-11336

CWE-532 Insertion of Sensitive Information into Log File

The product writes sensitive information to a log file.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-11336

https://seclists.org/bugtraq/2019/Apr/34

Bugtraq: Multiple vulnerabilities in Sony Smart TVs
Mailing List;Exploit;Third Party Advisory

CVEs referencing this url
http://packetstormsecurity.com/files/152612/Sony-Smart-TV-Information-Disclosure-File-Read.html

Sony Smart TV Information Disclosure / File Read ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry

CVEs referencing this url
https://www.darkmatter.ae/xen1thlabs/sony-smart-tv-photo-sharing-plus-information-disclosure-vulnerability-xl-19-003/

DarkMatter - Smart and Safe Digital | Sony Smart TV Photo Sharing Plus Information Disclosure Vulnerability XL-19-003
Exploit;Third Party Advisory
http://seclists.org/fulldisclosure/2019/Apr/32

Full Disclosure: Multiple vulnerabilities in Sony Smart TVs
Mailing List;Exploit;Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/108072

Multiple Sony Smart Tv Products Photo Sharing Plus API/Application Multiple Security Vulnerabilities
Third Party Advisory;VDB Entry

CVEs referencing this url

Vulnerability Details : CVE-2019-11336

Products affected by CVE-2019-11336

Exploit prediction scoring system (EPSS) score for CVE-2019-11336

CVSS scores for CVE-2019-11336

CWE ids for CVE-2019-11336

References for CVE-2019-11336