Skip to main content

Hue Bridge

7 CVEs product

Monthly

CVE-2026-3561 HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge devices that allows network-adjacent attackers to execute arbitrary code through malformed PUT requests to the HomeKit Accessory Protocol (HAP) characteristics endpoint. While authentication is normally required, the advisory notes the authentication mechanism can be bypassed, effectively allowing unauthenticated remote code execution. No EPSS score or KEV listing is available, suggesting this is not currently being exploited in the wild.

RCE Buffer Overflow Heap Overflow Hue Bridge
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2026-3560 HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge's HomeKit implementation that allows unauthenticated network-adjacent attackers to execute arbitrary code. The vulnerability affects all versions of Philips Hue Bridge (CPE indicates no version restrictions) through the hk_hap_pair_storage_put function on TCP port 8080. No EPSS data or KEV listing is available, and while ZDI has published an advisory, no public POC or active exploitation has been reported.

RCE Buffer Overflow Heap Overflow Hue Bridge
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2026-3559 HIGH This Week

CVE-2026-3559 is an authentication bypass vulnerability in Philips Hue Bridge devices affecting the HomeKit Accessory Protocol implementation, where a static nonce in the SRP authentication mechanism allows network-adjacent attackers to gain unauthorized access without credentials. With a CVSS score of 8.1 and requiring only local network access, attackers can achieve high confidentiality and integrity impact on the affected smart home infrastructure. No active exploitation (not in KEV), POC availability, or EPSS data is currently available.

Authentication Bypass Hue Bridge
NVD
CVSS 3.0
8.1
EPSS
0.0%
CVE-2026-3558 HIGH This Week

The Philips Hue Bridge HomeKit Accessory Protocol (HAP) service on TCP port 8080 lacks authentication in transient pairing mode, allowing network-adjacent attackers to bypass authentication and gain unauthorized access without requiring credentials (CVE-2026-3558, CVSS 8.1). This vulnerability affects all versions of Philips Hue Bridge and has been tracked as ZDI-CAN-28374. Real-world risk is elevated due to the low attack complexity, network-adjacent accessibility, and high impact on confidentiality and integrity of the smart lighting system.

Authentication Bypass Hue Bridge
NVD
CVSS 3.0
8.1
EPSS
0.0%
CVE-2026-3557 HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge devices that allows network-adjacent attackers with authentication (which can be bypassed) to achieve remote code execution as root. The vulnerability affects the HomeKit Accessory Protocol (HAP) implementation on TCP port 8080 and has a high CVSS score of 8.0, though no active exploitation or public PoC has been reported.

RCE Buffer Overflow Heap Overflow Hue Bridge
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2026-3556 HIGH This Week

Critical heap-based buffer overflow vulnerability in Philips Hue Bridge's HomeKit implementation that allows network-adjacent attackers to execute arbitrary code without authentication. The vulnerability affects all versions of Philips Hue Bridge (CPE indicates no version restriction) and stems from improper input validation in the hk_hap_pair_storage_put function. No active exploitation (not in KEV) or EPSS score is reported, but the high CVSS score (8.8) and RCE capability make this a significant threat for local network attackers.

RCE Buffer Overflow Heap Overflow Hue Bridge
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2026-3555 HIGH This Week

Heap-based buffer overflow vulnerability in the Philips Hue Bridge's Zigbee stack that allows network-adjacent attackers to execute arbitrary code when users initiate device pairing. The vulnerability affects all versions of Philips Hue Bridge and has a CVSS score of 8.0, requiring physical proximity and user interaction to exploit. No EPSS data or KEV listing is available, suggesting this is not actively exploited in the wild.

RCE Buffer Overflow Heap Overflow Hue Bridge
NVD
CVSS 3.0
8.0
EPSS
0.1%
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge devices that allows network-adjacent attackers to execute arbitrary code through malformed PUT requests to the HomeKit Accessory Protocol (HAP) characteristics endpoint. While authentication is normally required, the advisory notes the authentication mechanism can be bypassed, effectively allowing unauthenticated remote code execution. No EPSS score or KEV listing is available, suggesting this is not currently being exploited in the wild.

RCE Buffer Overflow Heap Overflow +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge's HomeKit implementation that allows unauthenticated network-adjacent attackers to execute arbitrary code. The vulnerability affects all versions of Philips Hue Bridge (CPE indicates no version restrictions) through the hk_hap_pair_storage_put function on TCP port 8080. No EPSS data or KEV listing is available, and while ZDI has published an advisory, no public POC or active exploitation has been reported.

RCE Buffer Overflow Heap Overflow +1
NVD
EPSS 0% CVSS 8.1
HIGH This Week

CVE-2026-3559 is an authentication bypass vulnerability in Philips Hue Bridge devices affecting the HomeKit Accessory Protocol implementation, where a static nonce in the SRP authentication mechanism allows network-adjacent attackers to gain unauthorized access without credentials. With a CVSS score of 8.1 and requiring only local network access, attackers can achieve high confidentiality and integrity impact on the affected smart home infrastructure. No active exploitation (not in KEV), POC availability, or EPSS data is currently available.

Authentication Bypass Hue Bridge
NVD
EPSS 0% CVSS 8.1
HIGH This Week

The Philips Hue Bridge HomeKit Accessory Protocol (HAP) service on TCP port 8080 lacks authentication in transient pairing mode, allowing network-adjacent attackers to bypass authentication and gain unauthorized access without requiring credentials (CVE-2026-3558, CVSS 8.1). This vulnerability affects all versions of Philips Hue Bridge and has been tracked as ZDI-CAN-28374. Real-world risk is elevated due to the low attack complexity, network-adjacent accessibility, and high impact on confidentiality and integrity of the smart lighting system.

Authentication Bypass Hue Bridge
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge devices that allows network-adjacent attackers with authentication (which can be bypassed) to achieve remote code execution as root. The vulnerability affects the HomeKit Accessory Protocol (HAP) implementation on TCP port 8080 and has a high CVSS score of 8.0, though no active exploitation or public PoC has been reported.

RCE Buffer Overflow Heap Overflow +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Critical heap-based buffer overflow vulnerability in Philips Hue Bridge's HomeKit implementation that allows network-adjacent attackers to execute arbitrary code without authentication. The vulnerability affects all versions of Philips Hue Bridge (CPE indicates no version restriction) and stems from improper input validation in the hk_hap_pair_storage_put function. No active exploitation (not in KEV) or EPSS score is reported, but the high CVSS score (8.8) and RCE capability make this a significant threat for local network attackers.

RCE Buffer Overflow Heap Overflow +1
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based buffer overflow vulnerability in the Philips Hue Bridge's Zigbee stack that allows network-adjacent attackers to execute arbitrary code when users initiate device pairing. The vulnerability affects all versions of Philips Hue Bridge and has a CVSS score of 8.0, requiring physical proximity and user interaction to exploit. No EPSS data or KEV listing is available, suggesting this is not actively exploited in the wild.

RCE Buffer Overflow Heap Overflow +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy