Security Advisory

CVE-2019-5035

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-08-20 21:07:51

Last updated 2024-08-04 19:40:49

Assigner talos

State PUBLISHED

Description

An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker can send specially crafted packets to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗