Vulnerabilities > CVE-2019-12266 - Out-of-bounds Write vulnerability in Wyze products

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

wyze

CWE-787

critical

NVD

Published: 2022-03-30

Updated: 2022-04-05

Summary

Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to run arbitrary code on the affected device. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1.47. Wyze Cam v2 versions prior to 4.9.8.1002. Wyze Cam v3 versions prior to 4.36.8.32.

Vulnerable Configurations

Part	Description	Count
OS	Wyze Wyze CAM PAN V2 Firmware * Wyze CAM V2 Firmware * Wyze CAM V3 Firmware *	3
Hardware	Wyze Wyze CAM PAN V2 - Wyze CAM V2 - Wyze CAM V3 -	3

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-wyze-cam-iot-device/

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Related news

References