NestCam Wireless Attack (BT/WiFi)

nayr

Affected: Dropcam, Dropcam Pro, Nest Cam Indoor/Outdoor models
Summary
It's possible to trigger a buffer overflow condition when setting the SSID parameter on the camera. The attacker must be in Bluetooth range at any time during the camera's powered-on state. Bluetooth is never disabled even after initial setup.
Layman: Attackers can disable your cameras wirelessly, even if wired.. they can force the device to reboot endlessly via Bluetooth

Google-Nest-Cam-Bug-Disclosures/README.md at master · jasondoyle/Google-Nest-Cam-Bug-Disclosures · GitHub

Reported in October of last year; disclosed this week.. still no fix.

Today's Lesson: Security and Wireless do not mix.. we already knew NestCams suck.
 

nbstl68

Sounds like wireless is not a factor if it can occur via wired too.
So a hacker has to actually be in Bluetooth range of your Nest camera? That, it seems, would really narrow down the number of people who could be affected by this to the point I'd imagine it is generically a non-issue for all except very targeted people who are not around at the time to notice someone within BT range, aka, almost standing in your yard or parked out front.
 