CVE-2019-5037
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. A specially crafted weave packet can cause an integer overflow and an out-of-bounds read on unmapped memory to occur, resulting in a denial of service. An attacker can send a specially crafted packet to trigger.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Nest Labs | Nest Labs Nest Cam IQ Indoor version 4620002 | affected |
Weaknesses
- CWE-190: CWE-190: Integer Overflow or Wraparound
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.