Title: Sony BRAVIA Digital Signage 1.7.8 System API Information Disclosure
Advisory ID: ZSL-2020-5610
Type: Local/Remote
Impact: Exposure of System Information, Exposure of Sensitive Information
Risk: (3/5)
Release Date: 02.12.2020

Summary

Sony's BRAVIA Signage is an application to deliver video and still images to Pro BRAVIAs and manage the information via a network. Features include management of displays, power schedule management, content playlists, scheduled delivery management, content interrupt, and more. This cost-effective digital signage management solution is ideal for presenting attractive, informative visual content in retail spaces and hotel reception areas, visitor attractions, educational and corporate environments.

Description

The application is vulnerable to sensitive information disclosure vulnerability. An unauthenticated attacker can visit several API endpoints and disclose information running on the device.

Vendor

Sony Electronics Inc. - https://pro.sony

Affected Version

<=1.7.8

Tested On

Microsoft Windows Server 2012 R2
Ubuntu
NodeJS
Express

Vendor Status

[20.09.2020] Vulnerability discovered.
[15.10.2020] Submitted to Sony via Hackerone.
[20.11.2020] Vendor states that the vulnerabilities are just informative and that all the issues are working as intended.
[02.12.2020] Public security advisory released.

PoC

sonybravia_sysinfo.txt

Credits

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>

References

[1] https://www.exploit-db.com/exploits/49187
[2] https://packetstormsecurity.com/files/160343
[3] https://cxsecurity.com/issue/WLB-2020120028
[4] https://exchange.xforce.ibmcloud.com/vulnerabilities/192606

Changelog

[02.12.2020] - Initial release
[17.02.2020] - Added reference [1], [2], [3] and [4]

Contact

Zero Science Lab

Web: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk