CVE-2016-7830
HIGHSony PCS-XG100/XG100S/XG100C/XG77/XG77S/XG77C <1.51 & PCS-XC1 <1.22 - Unauthenticated Admin Bypass
Title source: llmDescription
Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.sony.co.uk/pro/support/attachment/1237494431832/1237494431864/videoconferencesecurityenhancement-v3.pdf
Third Party Advisory, VDB Entry third-party-advisory
x_refsource_jvn
https://jvn.jp/en/jp/JVN42070907/index.html
Scores
CVSS v3
8.8
EPSS
0.0073
EPSS Percentile
49.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-306
Status
published
Products (12)
sony/pcs-xc1_firmware
< 1.21
sony/pcs-xg100_firmware
1.50
sony/pcs-xg100_firmware
1.42
sony/pcs-xg77_firmware
1.50
sony/pcs-xg77_firmware
1.42
Sony Corporation/PCS-XC1
firmware version prior to Ver.1.22
Sony Corporation/PCS-XG100
firmware versions prior to Ver.1.51
Sony Corporation/PCS-XG100C
firmware versions prior to Ver.1.51
Sony Corporation/PCS-XG100S
firmware versions prior to Ver.1.51
Sony Corporation/PCS-XG77
firmware versions prior to Ver.1.51
... and 2 more
Published
Jun 09, 2017
Tracked Since
Feb 18, 2026