← back
CVE-2019-12266

Stack buffer overflow in Wyze Cam Pan v2, Cam v2 and Cam v3

CVSS 7.6 HIGHEPSS 1.2%CWE-121
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.6EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
30 Mar 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to run arbitrary code on the affected device. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1.47. Wyze Cam v2 versions prior to 4.9.8.1002. Wyze Cam v3 versions prior to 4.36.8.32.
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected products
Wyze · Cam Pan v2Wyze · Cam v2Wyze · Cam v3

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-wyze-cam-iot-device/