CVE-2022-3349 - Vulnerability Details - OpenCVE

A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFAT_readupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical device. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-209679.

No CVSS v4.0

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sony	Playstation 4 Playstation 4 Firmware Playstation 5 Playstation 5 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:sony:playstation_4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sony:playstation_4:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:sony:playstation_5_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sony:playstation_5:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://hackerone.com/reports/1340942
https://vuldb.com/?id.209679

History

No history.

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2022-09-28T12:35:09.000Z

Updated: 2025-04-15T13:46:38.482Z

Reserved: 2022-09-28T00:00:00.000Z

Link: CVE-2022-3349

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-09-28T13:15:10.007

Modified: 2024-11-21T07:19:20.877

Link: CVE-2022-3349

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "PS4", "vendor": "Sony", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "PS5", "vendor": "Sony", "versions": [{"status": "affected", "version": "n/a"}]}], "credits": [{"lang": "en", "value": "Andy Nguyen"}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFAT_readupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical device. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-209679."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-119", "description": "CWE-119 Memory Corruption -> CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-28T12:35:09.000Z", "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1340942"}, {"tags": ["x_refsource_MISC"], "url": "https://vuldb.com/?id.209679"}], "title": "Sony PS4/PS5 exFAT UVFAT_readupcasetable heap-based overflow", "x_generator": "vuldb.com", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@vuldb.com", "ID": "CVE-2022-3349", "REQUESTER": "cna@vuldb.com", "STATE": "PUBLIC", "TITLE": "Sony PS4/PS5 exFAT UVFAT_readupcasetable heap-based overflow"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "PS4", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "PS5", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Sony"}]}}, "credit": "Andy Nguyen", "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFAT_readupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical device. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-209679."}]}, "generator": "vuldb.com", "impact": {"cvss": {"baseScore": "6.8", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-119 Memory Corruption -> CWE-122 Heap-based Buffer Overflow"}]}]}, "references": {"reference_data": [{"name": "https://hackerone.com/reports/1340942", "refsource": "MISC", "url": "https://hackerone.com/reports/1340942"}, {"name": "https://vuldb.com/?id.209679", "refsource": "MISC", "url": "https://vuldb.com/?id.209679"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:07:06.537Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/1340942"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://vuldb.com/?id.209679"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-14T16:55:05.502074Z", "id": "CVE-2022-3349", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-15T13:46:38.482Z"}}]}, "cveMetadata": {"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "assignerShortName": "VulDB", "cveId": "CVE-2022-3349", "datePublished": "2022-09-28T12:35:09.000Z", "dateReserved": "2022-09-28T00:00:00.000Z", "dateUpdated": "2025-04-15T13:46:38.482Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sony:playstation_4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A08A50A6-44A0-4794-A626-D700BDDB1C1E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sony:playstation_4:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5D6FF54-4050-4C4F-B67B-DDC16A6512CD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sony:playstation_5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3DBC7CC-FF93-46DD-B0E5-A8CBA8DE70B4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sony:playstation_5:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0317E6B-1E64-4DD5-A01E-89B3E10ED891", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFAT_readupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical device. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-209679."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad en Sony PS4 y PS5. Ha sido clasificada como cr\u00edtica. Afecta a la funci\u00f3n UVFAT_readupcasetable del componente exFAT Handler. La manipulaci\u00f3n del argumento dataLength conlleva a un desbordamiento del buffer en la regi\u00f3n heap de la memoria. Es posible lanzar el ataque en el dispositivo f\u00edsico. Es recomendado actualizar el componente afectado. El identificador asociado a esta vulnerabilidad es VDB-209679"}], "id": "CVE-2022-3349", "lastModified": "2024-11-21T07:19:20.877", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-28T13:15:10.007", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/1340942"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://vuldb.com/?id.209679"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hackerone.com/reports/1340942"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://vuldb.com/?id.209679"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "cna@vuldb.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}