CVE-2019-5035

2019-08-20T22:15:00
ID CVE-2019-5035
Type cve
Reporter cve@mitre.org
Modified 2020-08-24T17:37:00

Description

An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker can send specially crafted packets to trigger this vulnerability.