CVE-2019-5034

State: PUBLISHED · Published: 2019-08-20 · Updated: 2024-08-04 · Assigner: talos

Description

An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted weave packets can cause an out of bounds read, resulting in information disclosure. An attacker can send packets to trigger this vulnerability.

CWE

CWE-125 — CWE-125: Out-of-bounds Read

Affected

n/a / Nest Labs — v=Nest Labs Nest Cam IQ Indoor version 4620002 [affected]

CVSS

3.0 score=5.3 severity=MEDIUM CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

https://talosintelligence.com/vulnerability_reports/TALOS-2019-0797 x_refsource_MISC

Source

cvelistV5-main/cves/2019/5xxx/CVE-2019-5034.json