PT-2022-8312 · Wyze · Wyze Cam V2+2
Bitdefender Labs
·
Published
2022-03-29
·
Updated
2023-02-22
·
CVE-2019-9564
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Wyze Cam Pan v2 versions prior to 4.49.1.47
Wyze Cam v2 versions prior to 4.9.8.1002
Wyze Cam v3 versions prior to 4.36.8.32
Description
A vulnerability in the authentication logic of Wyze Cam devices allows an attacker to bypass login and control the devices.
Recommendations
For Wyze Cam Pan v2 versions prior to 4.49.1.47, update to version 4.49.1.47 or later.
For Wyze Cam v2 versions prior to 4.9.8.1002, update to version 4.9.8.1002 or later.
For Wyze Cam v3 versions prior to 4.36.8.32, update to version 4.36.8.32 or later.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wyze Cam Pan V2
Wyze Cam V2
Wyze Cam V3