Search
Find a vulnerability
Search criteria
6 vulnerabilities found for nest_wifi_pro_firmware by google
CVE-2024-22013 (GCVE-0-2024-22013)
Vulnerability from nvd – Published: 2024-09-16 19:52 – Updated: 2024-11-06 21:06
VLAI
EPSS
VEX
Summary
U-Boot environment is read from unauthenticated partition.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Elevation of privilege
- CWE-noinfo Not enough information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nest Wifi Pro |
Affected:
3.73.424613
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-17T18:07:50.245315Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T21:06:31.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nest Wifi Pro",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "3.73.424613"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eU-Boot environment is read from unauthenticated partition.\u003c/p\u003e"
}
],
"value": "U-Boot environment is read from unauthenticated partition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T19:52:33.764Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://support.google.com/product-documentation/answer/14950962?hl=en\u0026ref_topic=12974021\u0026sjid=9595902703262170957-NA#zippy=%2Cwifi"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-22013",
"datePublished": "2024-09-16T19:52:33.764Z",
"dateReserved": "2024-01-03T21:00:57.456Z",
"dateUpdated": "2024-11-06T21:06:31.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22004 (GCVE-0-2024-22004)
Vulnerability from nvd – Published: 2024-04-05 18:03 – Updated: 2024-08-01 22:35
VLAI
EPSS
VEX
Title
Unchecked length in Trusted Application on Google Nest Wifi Pro, leading to out of bounds read
Summary
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Nest Wifi Pro |
Affected:
v11
|
||
| nest_wifi_pro_firmware |
Affected:
11
cpe:2.3:o:google:nest_wifi_pro_firmware:11:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:nest_wifi_pro_firmware:11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nest_wifi_pro_firmware",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-29T15:53:35.353686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T15:55:01.992Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.google.com/product-documentation/answer/14580222?hl=en\u0026ref_topic=12974021\u0026sjid=10751611047462550096-NA"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nest Wifi Pro",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "v11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ememory from the Trusted Application\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure\u00a0memory from the Trusted Application\n"
}
],
"impacts": [
{
"capecId": "CAPEC-456",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-456 Infected Memory"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T18:03:23.151Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://support.google.com/product-documentation/answer/14580222?hl=en\u0026ref_topic=12974021\u0026sjid=10751611047462550096-NA"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unchecked length in Trusted Application on Google Nest Wifi Pro, leading to out of bounds read",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-22004",
"datePublished": "2024-04-05T18:03:23.151Z",
"dateReserved": "2024-01-03T21:00:57.455Z",
"dateUpdated": "2024-08-01T22:35:34.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6339 (GCVE-0-2023-6339)
Vulnerability from nvd – Published: 2024-01-02 21:44 – Updated: 2025-06-03 14:45
VLAI
EPSS
VEX
Title
Google Nest WiFi Pro root code-execution & user-data compromise
Summary
Google Nest WiFi Pro root code-execution & user-data compromise
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-311 - Missing Encryption of Sensitive Data
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.google.com/product-documentation/answer/14273332?hl=en\u0026ref_topic=12974021\u0026sjid=4533873659772963473-NA"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6339",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:42:14.180936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:45:15.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wifi Pro",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "14150"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Google Nest WiFi Pro root code-execution \u0026amp; user-data compromise"
}
],
"value": "Google Nest WiFi Pro root code-execution \u0026 user-data compromise"
}
],
"impacts": [
{
"capecId": "CAPEC-175",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-175 Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311 Missing Encryption of Sensitive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T21:44:05.703Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://support.google.com/product-documentation/answer/14273332?hl=en\u0026ref_topic=12974021\u0026sjid=4533873659772963473-NA"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Google Nest WiFi Pro root code-execution \u0026 user-data compromise",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-6339",
"datePublished": "2024-01-02T21:44:05.703Z",
"dateReserved": "2023-11-27T22:21:29.137Z",
"dateUpdated": "2025-06-03T14:45:15.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22013 (GCVE-0-2024-22013)
Vulnerability from cvelistv5 – Published: 2024-09-16 19:52 – Updated: 2024-11-06 21:06
VLAI
EPSS
VEX
Summary
U-Boot environment is read from unauthenticated partition.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Elevation of privilege
- CWE-noinfo Not enough information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nest Wifi Pro |
Affected:
3.73.424613
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-17T18:07:50.245315Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T21:06:31.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nest Wifi Pro",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "3.73.424613"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eU-Boot environment is read from unauthenticated partition.\u003c/p\u003e"
}
],
"value": "U-Boot environment is read from unauthenticated partition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T19:52:33.764Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://support.google.com/product-documentation/answer/14950962?hl=en\u0026ref_topic=12974021\u0026sjid=9595902703262170957-NA#zippy=%2Cwifi"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-22013",
"datePublished": "2024-09-16T19:52:33.764Z",
"dateReserved": "2024-01-03T21:00:57.456Z",
"dateUpdated": "2024-11-06T21:06:31.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22004 (GCVE-0-2024-22004)
Vulnerability from cvelistv5 – Published: 2024-04-05 18:03 – Updated: 2024-08-01 22:35
VLAI
EPSS
VEX
Title
Unchecked length in Trusted Application on Google Nest Wifi Pro, leading to out of bounds read
Summary
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Nest Wifi Pro |
Affected:
v11
|
||
| nest_wifi_pro_firmware |
Affected:
11
cpe:2.3:o:google:nest_wifi_pro_firmware:11:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:nest_wifi_pro_firmware:11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nest_wifi_pro_firmware",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-29T15:53:35.353686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T15:55:01.992Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.google.com/product-documentation/answer/14580222?hl=en\u0026ref_topic=12974021\u0026sjid=10751611047462550096-NA"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nest Wifi Pro",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "v11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ememory from the Trusted Application\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure\u00a0memory from the Trusted Application\n"
}
],
"impacts": [
{
"capecId": "CAPEC-456",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-456 Infected Memory"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T18:03:23.151Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://support.google.com/product-documentation/answer/14580222?hl=en\u0026ref_topic=12974021\u0026sjid=10751611047462550096-NA"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unchecked length in Trusted Application on Google Nest Wifi Pro, leading to out of bounds read",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-22004",
"datePublished": "2024-04-05T18:03:23.151Z",
"dateReserved": "2024-01-03T21:00:57.455Z",
"dateUpdated": "2024-08-01T22:35:34.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6339 (GCVE-0-2023-6339)
Vulnerability from cvelistv5 – Published: 2024-01-02 21:44 – Updated: 2025-06-03 14:45
VLAI
EPSS
VEX
Title
Google Nest WiFi Pro root code-execution & user-data compromise
Summary
Google Nest WiFi Pro root code-execution & user-data compromise
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-311 - Missing Encryption of Sensitive Data
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.google.com/product-documentation/answer/14273332?hl=en\u0026ref_topic=12974021\u0026sjid=4533873659772963473-NA"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6339",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:42:14.180936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:45:15.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wifi Pro",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "14150"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Google Nest WiFi Pro root code-execution \u0026amp; user-data compromise"
}
],
"value": "Google Nest WiFi Pro root code-execution \u0026 user-data compromise"
}
],
"impacts": [
{
"capecId": "CAPEC-175",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-175 Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311 Missing Encryption of Sensitive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T21:44:05.703Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://support.google.com/product-documentation/answer/14273332?hl=en\u0026ref_topic=12974021\u0026sjid=4533873659772963473-NA"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Google Nest WiFi Pro root code-execution \u0026 user-data compromise",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2023-6339",
"datePublished": "2024-01-02T21:44:05.703Z",
"dateReserved": "2023-11-27T22:21:29.137Z",
"dateUpdated": "2025-06-03T14:45:15.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}