Weave Legacy Pairing Information Disclosure Vulnerability in Nest Cam IQ Indoor

Weave Legacy Pairing Information Disclosure Vulnerability in Nest Cam IQ Indoor

CVE-2019-5034 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted weave packets can cause an out of bounds read, resulting in information disclosure. An attacker can send packets to trigger this vulnerability.

Learn more about our Web Application Penetration Testing UK.