{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-37100", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-18T02:26:33.302Z", "dateReserved": "2026-04-06T00:00:00.000Z", "datePublished": "2026-04-16T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-16T15:10:26.326Z"}, "descriptions": [{"lang": "en", "value": "An issue in the Bluetooth Low Energy (BLE) control interface of the Yamaha SR-B30A sound bar firmware 2.40 (Mobile App: Sound Bar Remote / version: 2.40) allows remote attackers within BLE radio range to connect without authentication via the Sound Bar Remote protocol"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://gist.github.com/sohsatoh/02699fbbdff90e6c2078b508f830022b"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "CWE-284 Improper Access Control"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-18T02:25:19.405853Z", "id": "CVE-2026-37100", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-18T02:26:33.302Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-37100", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-18T02:25:19.405853Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-18T02:26:28.462Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://gist.github.com/sohsatoh/02699fbbdff90e6c2078b508f830022b"}], "descriptions": [{"lang": "en", "value": "An issue in the Bluetooth Low Energy (BLE) control interface of the Yamaha SR-B30A sound bar firmware 2.40 (Mobile App: Sound Bar Remote / version: 2.40) allows remote attackers within BLE radio range to connect without authentication via the Sound Bar Remote protocol"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-16T15:10:26.326Z"}}}, "cveMetadata": {"cveId": "CVE-2026-37100", "state": "PUBLISHED", "dateUpdated": "2026-04-18T02:26:33.302Z", "dateReserved": "2026-04-06T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-16T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in the Bluetooth Low Energy (BLE) control interface of the Yamaha SR-B30A sound bar firmware 2.40 (Mobile App: Sound Bar Remote / version: 2.40) allows remote attackers within BLE radio range to connect without authentication via the Sound Bar Remote protocol"}], "id": "CVE-2026-37100", "lastModified": "2026-04-18T04:16:20.770", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-16T16:16:16.910", "references": [{"source": "cve@mitre.org", "url": "https://gist.github.com/sohsatoh/02699fbbdff90e6c2078b508f830022b"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.40"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "sr-b30a_sound_bar_firmware", "vendor": "yamaha"}], "analysis": {"en": {"generated_at": "2026-04-18T09:26:21.210025+00:00", "value": {"mitigation_remediation": ["Update the sound bar firmware and the Sound Bar Remote app to the latest version that enforces authentication on BLE connections.", "Disable the BLE or remote control feature on the device if the firmware allows configuration changes to turn off the vulnerable service.", "Position the sound bar outside the range of untrusted BLE devices, or use a Bluetooth scanner to detect and block unknown devices attempting to connect."], "summary": {"action": "Patch", "impact": "Unauthenticated Remote Control"}, "threat_synthesis": {"affected_systems": "Yamaha SR\u2011B30A sound bar with firmware version 2.40 and the accompanying Mobile App: Sound Bar Remote / version 2.40. The flaw is active when the BLE radio is broadcasting and the app or device is within range, which typically spans up to a few dozen meters.", "description_and_impact": "An unauthenticated bug in the Bluetooth Low Energy (BLE) control interface of the Yamaha SR\u2011B30A sound bar allows a nearby attacker to establish a BLE connection without any authentication using the Sound Bar Remote protocol. The flaw permits the attacker to send control commands to the device, potentially changing volume, input source, or other settings without user consent. The vulnerability could lead to disruption of audio services or enable further exploitation if the device is connected to other systems or networks. This issue is an authentication failure (CWE\u2011287) and weak access control (CWE\u2011284) vulnerability.", "risk_and_exploitability": "The risk is moderate because the attack requires physical proximity to the sound bar. The CVSS score is 6.5, indicating moderate severity. The EPSS score indicates a low (<1%) probability of exploitation. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. The attack vector is local via BLE and does not need network connectivity, but it provides unauthorized control of the device once a connection is established. This could be used for denial of service or for injecting unwanted commands into the audio experience."}}}}, "created": "2026-04-16T18:58:39.088610+00:00", "title": "Unauthenticated BLE Control Access on Yamaha SR-B30A Sound Bar", "updated": "2026-04-18T09:30:25.693239+00:00", "vendors": ["yamaha", "yamaha$PRODUCT$sr-b30a_sound_bar_firmware"], "weaknesses": ["CWE-284", "CWE-287"]}