Vulnerability Details CVE-2019-5037
An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. A specially crafted weave packet can cause an integer overflow and an out-of-bounds read on unmapped memory to occur, resulting in a denial of service. An attacker can send a specially crafted packet to trigger.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
Products affected by CVE-2019-5037
-
cpe:2.3:h:google:nest_cam_iq_indoor:-
-
cpe:2.3:o:google:nest_cam_iq_indoor_firmware:4620002