{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T03:53:30.127","vulnerabilities":[{"cve":{"id":"CVE-2019-5035","sourceIdentifier":"talos-cna@cisco.com","published":"2019-08-20T22:15:11.627","lastModified":"2024-11-21T04:44:13.417","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker can send specially crafted packets to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad de divulgación de información explotable en la funcionalidad de emparejamiento Weave PASE del Nest Cam IQ Indoor, versión 4620002. Un conjunto de paquetes de weave especialmente diseñados puede forzar un código de emparejamiento, lo que resulta en un mayor acceso a weave y un control potencialmente completo del dispositivo. Un atacante puede enviar paquetes especialmente diseñados para activar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-307"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-327"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:nest_cam_iq_indoor_firmware:4620002:*:*:*:*:*:*:*","matchCriteriaId":"23CD499F-93FC-4ED4-AFF6-B3E392083138"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:google:nest_cam_iq:-:*:*:*:*:*:*:*","matchCriteriaId":"4549A4AE-43B4-4E13-B13A-5ADB23DC0257"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0798","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0798","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}