Details of VAR-201908-0081

ID

VAR-201908-0081

CVE

CVE-2019-5035

TITLE

Nest Cam IQ Indoor Authentication vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-008641

DESCRIPTION

An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker can send specially crafted packets to trigger this vulnerability. Google Nest Cam IQ Indoor is an indoor camera from Google in the United States

Trust: 2.25

sources: NVD: CVE-2019-5035 // JVNDB: JVNDB-2019-008641 // CNVD: CNVD-2019-35877 // VULHUB: VHN-156470

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-35877

AFFECTED PRODUCTS

vendor:

google

model:

nest cam iq indoor

scope:

version:

4620002

Trust: 2.4

sources: CNVD: CNVD-2019-35877 // JVNDB: JVNDB-2019-008641 // NVD: CVE-2019-5035

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-5035
value:	CRITICAL
Trust: 1.0
talos-cna@cisco.com:	CVE-2019-5035
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2019-5035
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2019-35877
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201908-1283
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-156470
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-5035
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-35877
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-156470
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

talos-cna@cisco.com:	CVE-2019-5035
baseSeverity:	CRITICAL
baseScore:	9.0
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	6.0
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-5035
baseSeverity:	CRITICAL
baseScore:	9.0
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	6.0
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2019-35877 // VULHUB: VHN-156470 // JVNDB: JVNDB-2019-008641 // CNNVD: CNNVD-201908-1283 // NVD: CVE-2019-5035 // NVD: CVE-2019-5035

PROBLEMTYPE DATA

problemtype:	CWE-327	Trust: 1.1
problemtype:	CWE-307	Trust: 1.0
problemtype:	CWE-287	Trust: 0.9

sources: VULHUB: VHN-156470 // JVNDB: JVNDB-2019-008641 // NVD: CVE-2019-5035

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-1283

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201908-1283

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-008641

PATCH

title:

Nest Cam IQ Indoor

url:

https://support.google.com/googlenest/answer/9231650?hl=ja

Trust: 0.8

sources: JVNDB: JVNDB-2019-008641

EXTERNAL IDS

db:	NVD	id:	CVE-2019-5035	Trust: 3.1
db:	TALOS	id:	TALOS-2019-0798	Trust: 3.1
db:	JVNDB	id:	JVNDB-2019-008641	Trust: 0.8
db:	CNNVD	id:	CNNVD-201908-1283	Trust: 0.7
db:	CNVD	id:	CNVD-2019-35877	Trust: 0.6
db:	VULHUB	id:	VHN-156470	Trust: 0.1

sources: CNVD: CNVD-2019-35877 // VULHUB: VHN-156470 // JVNDB: JVNDB-2019-008641 // CNNVD: CNNVD-201908-1283 // NVD: CVE-2019-5035

REFERENCES

url:	https://talosintelligence.com/vulnerability_reports/talos-2019-0798	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5035	Trust: 1.4
url:	https://www.talosintelligence.com/vulnerability_reports/talos-2019-0798	Trust: 1.2
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5035	Trust: 0.8

sources: CNVD: CNVD-2019-35877 // VULHUB: VHN-156470 // JVNDB: JVNDB-2019-008641 // CNNVD: CNNVD-201908-1283 // NVD: CVE-2019-5035

CREDITS

Discovered by Lilith Wyatt and Claudio Bozzato of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-201908-1283

SOURCES

db:	CNVD	id:	CNVD-2019-35877
db:	VULHUB	id:	VHN-156470
db:	JVNDB	id:	JVNDB-2019-008641
db:	CNNVD	id:	CNNVD-201908-1283
db:	NVD	id:	CVE-2019-5035

LAST UPDATE DATE

2024-11-23T22:55:30.070000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-35877	date:	2019-10-18T00:00:00
db:	VULHUB	id:	VHN-156470	date:	2020-08-24T00:00:00
db:	JVNDB	id:	JVNDB-2019-008641	date:	2019-09-04T00:00:00
db:	CNNVD	id:	CNNVD-201908-1283	date:	2022-04-20T00:00:00
db:	NVD	id:	CVE-2019-5035	date:	2024-11-21T04:44:13.417

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-35877	date:	2019-10-15T00:00:00
db:	VULHUB	id:	VHN-156470	date:	2019-08-20T00:00:00
db:	JVNDB	id:	JVNDB-2019-008641	date:	2019-09-04T00:00:00
db:	CNNVD	id:	CNNVD-201908-1283	date:	2019-08-19T00:00:00
db:	NVD	id:	CVE-2019-5035	date:	2019-08-20T22:15:11.627