Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistGoogle_DevicesCVELIST:CVE-2024-32928
HistoryAug 19, 2024 - 4:38 p.m.

CVE-2024-32928

2024-08-1916:38:01
Google_Devices
www.cve.org
2
libcurl
curlopt_ssl_verifypeer
nest production devices
man-in-the-middle attack
google cloud services

EPSS

0.001

Percentile

25.8%

JSON

The libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a subset of requests made by Nest production devices which enabled a potential man-in-the-middle attack on requests to Google cloud services by any host the traffic was routed through.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Nest Speakers",
    "vendor": "Google",
    "versions": [
      {
        "status": "affected",
        "version": "libcurl"
      }
    ]
  }
]

Related

vulnrichment 1
cve 1
nvd 1
vulnrichment
vulnrichment
CVE-2024-32928
2024-08-19 16:38:01
cve
cve
CVE-2024-32928
2024-08-19 17:15:07
nvd
nvd
CVE-2024-32928
2024-08-19 17:15:07

EPSS

0.001

Percentile

25.8%

JSON
Related for CVELIST:CVE-2024-32928
vulnrichment1cve1nvd1