PT-2019-17420 · Nest · Nest Cam Iq Indoor

Claudio Bozzato

Published

2019-08-20

Updated

2022-06-27

CVE-2019-5034

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Nest Cam IQ Indoor version 4620002

Description An exploitable information disclosure issue exists in the Weave Legacy Pairing functionality. A set of specially crafted weave packets can cause an out of bounds read, resulting in information disclosure. An attacker can send packets to trigger this issue.

Recommendations For Nest Cam IQ Indoor version 4620002, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2019-5034

Affected Products

Nest Cam Iq Indoor

PT-2019-17420 · Nest · Nest Cam Iq Indoor

CVE-2019-5034

Weakness Enumeration

Related Identifiers

Affected Products

References · 3