Denial of Service Vulnerability in Nest Cam IQ Indoor by Nest Labs
CVE-2019-5036

7.5HIGH

Key Information:

Vendor: Google
Status: Nest Labs
Vendor: CVE Published:; 20 August 2019

What is CVE-2019-5036?

A vulnerability in the Weave error reporting mechanism of the Nest Cam IQ Indoor allows an attacker to exploit the device by sending specially crafted packets. This action can lead to the closure of an arbitrary Weave Exchange Session, effectively resulting in a denial of service. Users of Nest Cam IQ Indoor should be aware of this issue and take necessary steps to mitigate the risks associated with this vulnerability.

Affected Version(s)

Nest Labs Nest Labs Nest Cam IQ Indoor version 4620002

References

https://talosintelligence.com/vulnerability_reports/TALOS...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2019
Vulnerability Reserved
Jan 4, 2019

Google

What is CVE-2019-5036?

Affected Version(s)

References

CVSS V3.1

Timeline