Nest Security Bulletin—June 2024

Published  June 27, 2024

 

Past Nest Security Bulletins can be found here.

This Nest Security Bulletin contains details of security vulnerabilities that previously affected Google Nest's connected home devices. The vulnerabilities listed in this bulletin have been addressed. Devices started receiving (Over-the-Air) OTA updates in June 2024.

Security patches

Vulnerabilities are grouped under the device family group and component that they affect. There is a description of the issue and a table with the CVE, associated references, type of vulnerability, and severity.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard.

Speakers

Software Version: 3.73

Firmware is the software installed on your Google Nest Speakers devices. When a firmware update is available, your device will automatically download the update via an OTA update.

List of Devices Included in the Update

Nest Audio

Nest Mini

Common Vulnerabilities and Exposures (CVE)

CVE

Type

Severity

Subcomponent

CVE-2024-32928

ID

High

libcurl

CVE-2016-3189

DoS

Moderate

bzip2

Cameras & Doorbells

Software Version: 1.73c

Firmware is the software installed on your Google Nest device. When a firmware update is available, your device will automatically download the update via an OTA update.

List of Devices Included in the Update

Nest Doorbell (battery)

Nest Cam (outdoor or indoor, battery)

Nest Cam with floodlight

Nest Cam (indoor, wired)

Common Vulnerabilities and Exposures (CVE)

CVE

Type

Severity

Subcomponent

CVE-2023-44487

DoS

Moderate

nghttp2

Search
Clear search
Close search
Google apps
Main menu
16858620917142350331
true
Search Help Centre
true
true
true
false
false