EUVD-2026-12156CVSS Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. User interaction is required to exploit this vulnerability in that the user must initiate the device pairing process. The specific flaw exists within the handling of custom Zigbee ZCL frames in the Model Info download functionality. The issue results from the lack of proper validation of the size of data prior to copying it to a fixed-size heap buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-28276.
Analysis
Heap-based buffer overflow vulnerability in the Philips Hue Bridge's Zigbee stack that allows network-adjacent attackers to execute arbitrary code when users initiate device pairing. The vulnerability affects all versions of Philips Hue Bridge and has a CVSS score of 8.0, requiring physical proximity and user interaction to exploit. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all Philips Hue Bridge deployments and document network locations. Within 7 days: Implement network segmentation to isolate Hue Bridge devices on a separate VLAN with restricted access controls; disable remote pairing capabilities if available in device settings. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today