Sony PlayNow Store Arbitrary Package Installation
- Published: 5 Nov 2014
- Type: Sony PlayNow Store Arbitrary Package Installation
- Severity: High
Affected Products
Sony PlayNow Store
CVE
CVE-2014-2272
MWR have discovered a vulnerability in the Sony PlayNow Store, shipped by default on the Sony Xperia Z mobile phone. Exploiting this vulnerability could allow an attacker to remotely install an arbitrary application to the phone with any permissions.
The advisory can be downloaded here.