CVE-2019-5037

Summary

An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. A specially crafted weave packet can cause an integer overflow and an out-of-bounds read on unmapped memory to occur, resulting in a denial of service. An attacker can send a specially crafted packet to trigger.

Affected Software

VendorProductVersion RangeStatus
n/aNest LabsNest Labs Nest Cam IQ Indoor version 4620002affected

Weaknesses

  • CWE-190: CWE-190: Integer Overflow or Wraparound

ADP Enrichment

CVE Program Container

Additional References

References