Sony PlayNow Store Arbitrary Package Installation

  • Published: 5 Nov 2014

Sony PlayNow Store Arbitrary Package Installation

CVE-2014-2272

Share

Type

  • Sony PlayNow Store Arbitrary Package Installation

Severity

  • High

Affected products

  • Sony PlayNow Store

Date

  • 2014-11-05

CVE Reference

  • CVE-2014-2272

Read more

MWR have discovered a vulnerability in the Sony PlayNow Store, shipped by default on the Sony Xperia Z mobile phone. Exploiting this vulnerability could allow an attacker to remotely install an arbitrary application to the phone with any permissions.

The advisory can be downloaded here.