{"id":194343,"date":"2024-08-10T23:23:50","date_gmt":"2024-08-11T04:23:50","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2024\/08\/sonos-speaker-flaws-could-have-let-remote-hackers-eavesdrop-on-users"},"modified":"2024-08-10T23:23:50","modified_gmt":"2024-08-11T04:23:50","slug":"sonos-speaker-flaws-could-have-let-remote-hackers-eavesdrop-on-users","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2024\/08\/sonos-speaker-flaws-could-have-let-remote-hackers-eavesdrop-on-users","title":{"rendered":"Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/sonos-speaker-flaws-could-have-let-remote-hackers-eavesdrop-on-users.jpg\"><\/a><\/p>\n<p>Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on users.<\/p>\n<p>The vulnerabilities \u201cled to an entire break in the security of Sonos\u2019s secure boot process across a wide range of devices and remotely being able to compromise several devices over the air,\u201d NCC Group security researchers Alex Plaskett and Robert Herrera <a href=\"https:\/\/www.nccgroup.com\/us\/research-blog\/blackhat-usa-2024-listen-up-sonos-over-the-air-remote-kernel-exploitation-and-covert-wiretap\/\" rel=\"noopener\" target=\"_blank\">said<\/a>.<\/p>\n<p>Successful exploitation of one of these flaws could allow a remote attacker to obtain covert audio capture from Sonos devices by means of an over-the-air attack. They <a href=\"https:\/\/www.sonos.com\/en-gb\/security-advisory-2024-0001\" rel=\"noopener\" target=\"_blank\">impact all versions<\/a> prior to Sonos S2 release 15.9 and Sonos S1 release 11.12, which were shipped in October and November 2023.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on users. The vulnerabilities \u201cled to an entire break in the security of Sonos\u2019s secure boot process across a wide range of devices and remotely being able to compromise several devices over the air,\u201d NCC Group [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-194343","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/194343","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=194343"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/194343\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=194343"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=194343"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=194343"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}