Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Nest Cam Iq Indoor Firmware  >> 4620002  Security Vulnerabilities
CVE-2019-5043
An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ Indoor, version 4620002. A set of TCP connections can cause unrestricted resource allocation, resulting in a denial of service. An attacker can connect multiple times to trigger this vulnerability.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-10-31
CVE-2019-5034
An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted weave packets can cause an out of bounds read, resulting in information disclosure. An attacker can send packets to trigger this vulnerability.
CVSS Score
5.3
EPSS Score
0.001
Published
2019-08-20
CVE-2019-5035
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker can send specially crafted packets to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.001
Published
2019-08-20
CVE-2019-5036
An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packets can cause an arbitrary Weave Exchange Session to close, resulting in a denial of service. An attacker can send a specially crafted packet to trigger this vulnerability.
CVSS Score
7.5
EPSS Score
0.0
Published
2019-08-20
CVE-2019-5037
An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. A specially crafted weave packet can cause an integer overflow and an out-of-bounds read on unmapped memory to occur, resulting in a denial of service. An attacker can send a specially crafted packet to trigger.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-08-20
CVE-2019-5040
An exploitable information disclosure vulnerability exists in the Weave MessageLayer parsing of Openweave-core version 4.0.2 and Nest Cam IQ Indoor version 4620002. A specially crafted weave packet can cause an integer overflow to occur, resulting in PacketBuffer data reuse. An attacker can send a packet to trigger this vulnerability.
CVSS Score
8.2
EPSS Score
0.001
Published
2019-08-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved