Weave Certificate Loading Integer Overflow Denial-of-Service Vulnerability in Nest Cam IQ Indoor Camera

Weave Certificate Loading Integer Overflow Denial-of-Service Vulnerability in Nest Cam IQ Indoor Camera

CVE-2019-5037 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. A specially crafted weave packet can cause an integer overflow and an out-of-bounds read on unmapped memory to occur, resulting in a denial of service. An attacker can send a specially crafted packet to trigger.

Learn more about our Web Application Penetration Testing UK.