CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-44097

According to the researcher: "The TLS connections are encrypted against tampering or eavesdropping. However, the application does not validate the server certificate properly while initializing the TLS connection. This allows for a network attacker to intercept the connection and read the data. The attacker could the either send the client a malicious response, or forward the (possibly modified) data to the real server."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.1%

CVSS Severity

CVSS v3 Score 9.8

References

https://support.google.com/product-documentation/answer/14950962?sjid=9489879942601373169-NA

Products affected by CVE-2024-44097

None » None » Version:

_battery):-
None » None » Version:

_battery)_firmware:*
None » None » Version:

_wired):-
None » None » Version:

_wired)_firmware:*
Google » Nest Cam (Indoor » Version: Any

cpe:2.3:h:google:nest_cam_(indoor
Google » Nest Cam (Outdoor Or Indoor » Version: Any

cpe:2.3:h:google:nest_cam_(outdoor_or_indoor
Google » Nest Cam With Floodlight » Version: N/A

cpe:2.3:h:google:nest_cam_with_floodlight:-
Google » Nest Doorbell (Battery) » Version: N/A

cpe:2.3:h:google:nest_doorbell_(battery):-
Google » Nest Cam (Indoor » Version: Any

cpe:2.3:o:google:nest_cam_(indoor
Google » Nest Cam (Outdoor Or Indoor » Version: Any

cpe:2.3:o:google:nest_cam_(outdoor_or_indoor
Google » Nest Cam With Floodlight Firmware » Version: Any

cpe:2.3:o:google:nest_cam_with_floodlight_firmware:*
Google » Nest Doorbell (Battery) Firmware » Version: Any

cpe:2.3:o:google:nest_doorbell_(battery)_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-44097

Products

Pricing

Contact Us