PT-2022-8080 · Wyze · Wyze Cam V2+2

Bitdefender Labs

Published

2022-03-29

Updated

2022-04-05

CVE-2019-12266

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Wyze Cam Pan v2 versions prior to 4.49.1.47 Wyze Cam v2 versions prior to 4.9.8.1002 Wyze Cam v3 versions prior to 4.36.8.32

Description A Stack-based Buffer Overflow issue allows an attacker to run arbitrary code on the affected device. This issue affects various Wyze Cam models, enabling attackers to execute arbitrary code.

Recommendations For Wyze Cam Pan v2 versions prior to 4.49.1.47, update to version 4.49.1.47 or later. For Wyze Cam v2 versions prior to 4.9.8.1002, update to version 4.9.8.1002 or later. For Wyze Cam v3 versions prior to 4.36.8.32, update to version 4.36.8.32 or later.

Fix

Memory Corruption

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

CVE-2019-12266

Affected Products

Wyze Cam Pan V2

Wyze Cam V2

Wyze Cam V3

PT-2022-8080 · Wyze · Wyze Cam V2+2

CVE-2019-12266

Weakness Enumeration

Related Identifiers

Affected Products

References · 9