Sony PlayNow Store Arbitrary Package Installation

CVE-2014-2272

    Type

  • Sony PlayNow Store Arbitrary Package Installation

    • Severity

  • High

    • Affected products

  • Sony PlayNow Store

    • Date

  • 2014-11-05

    • CVE Reference

  • CVE-2014-2272
Read more

MWR have discovered a vulnerability in the Sony PlayNow Store, shipped by default on the Sony Xperia Z mobile phone. Exploiting this vulnerability could allow an attacker to remotely install an arbitrary application to the phone with any permissions.

The advisory can be downloaded here.