CVE-2024-6246 is a heap-based buffer overflow vulnerability identified in the Realtek Wi-Fi kernel module used by Wyze Cam v3 IP cameras, specifically affecting version 4.36.11.7071. The vulnerability is classified under CWE-122 and was reserved in June 2024 and published in November 2024. The flaw stems from insufficient validation of the length of user-supplied data before it is copied into a heap buffer, which can lead to memory corruption. Because this occurs within the kernel driver, an attacker who can send specially crafted network packets to the device can trigger a buffer overflow, resulting in arbitrary code execution with kernel-level privileges. The attack vector is network-adjacent, meaning the attacker must be on the same local network or within Wi-Fi range but does not require authentication or user interaction. The vulnerability’s CVSS v3.0 score is 9.6, indicating critical severity with high impact on confidentiality, integrity, and availability. Exploitation could allow attackers to fully compromise the device, potentially pivoting to other network resources. No patches or exploits are currently publicly available, but the severity and ease of exploitation make this a significant threat to users of Wyze Cam v3 devices.

The impact of CVE-2024-6246 is severe for organizations and individuals using Wyze Cam v3 devices. Successful exploitation allows remote code execution at the kernel level without authentication, enabling attackers to take full control of the camera. This can lead to unauthorized surveillance, data exfiltration, and use of the compromised device as a foothold for lateral movement within internal networks. The compromise of IoT cameras can also undermine physical security monitoring and privacy. Given the critical nature of the vulnerability, attackers could disrupt device availability, manipulate video streams, or use the device as part of botnets for further attacks. Organizations relying on Wyze Cam v3 for security or operational monitoring face significant risks to confidentiality, integrity, and availability of their systems and data.

To mitigate CVE-2024-6246, organizations should immediately inventory their Wyze Cam v3 devices and monitor vendor communications for patches or firmware updates addressing this vulnerability. Until patches are available, network segmentation should be enforced to isolate IoT devices from critical infrastructure and sensitive networks. Employ strict Wi-Fi access controls, including strong encryption and authentication, to limit network-adjacent attacker access. Deploy network intrusion detection systems (NIDS) to monitor for anomalous traffic patterns targeting the Realtek Wi-Fi driver. Disable or restrict remote access features on the cameras where possible. Additionally, consider replacing vulnerable devices with alternatives that have a stronger security posture if patching is delayed. Regularly update device firmware and maintain an asset management program to track IoT device security status.