Lilith Wyatt and Claudio Bozzato of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered multiple vulnerabilities in the Nest Cam IQ Indoor camera. One of Nest Labs’ most advanced internet-of-things devices, the Nest Cam IQ Indoor integrates Security-Enhanced Linux in Android, Google Assistant, and even facial recognition all into a compact security camera. It primarily uses the Weave protocol for setup and initial communications with other Nest devices over TCP, UDP, Bluetooth and 6lowpan. Most of these vulnerabilities lie in the weave binary of the camera, however, there are some that also apply to the weave-tool binary. It is important to note that while the weave-tool binary also lives on the camera and is vulnerable, it is not normally exploitable as it requires a local attack vector (i.e. an attacker-controlled file) and the vulnerable commands are never directly run by the camera.
In accordance with our coordinated disclosure policy, Cisco Talos worked with Weave and Nest Labs to ensure that these issues are resolved and that an update is available for affected customers.
Vulnerability details
Nest Labs Nest Cam IQ Indoor Weave TCP connection denial-of-service vulnerability (TALOS-2019-0810/CVE-2019-5043)
An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ Indoor, version 4620002. A set of TCP connections can cause unrestricted resource allocation, resulting in a denial of service. An attacker can connect multiple times to trigger this vulnerability.
Read the complete vulnerability advisory here for additional information.
..
Support the originator by clicking the read the rest link below.
