Denial of Service Vulnerability in Nest Cam IQ Indoor by Nest Labs
CVE-2019-5036

7.5HIGH

Key Information:

Vendor: Google
Status: Nest Labs
Vendor: CVE Published:; 20 August 2019

Summary

A vulnerability in the Weave error reporting mechanism of the Nest Cam IQ Indoor allows an attacker to exploit the device by sending specially crafted packets. This action can lead to the closure of an arbitrary Weave Exchange Session, effectively resulting in a denial of service. Users of Nest Cam IQ Indoor should be aware of this issue and take necessary steps to mitigate the risks associated with this vulnerability.

Affected Version(s)

Nest Labs Nest Labs Nest Cam IQ Indoor version 4620002

References

https://talosintelligence.com/vulnerability_reports/TALOS...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 20, 2019
Vulnerability Reserved
Jan 4, 2019