Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability

A high-severity vulnerability (CVSS 8.0) in Philips Hue Bridge allows network-adjacent attackers to execute arbitrary code on the device if a user initiates the pairing process. This means an attacker could potentially gain full control of the smart lighting system and access the network it's connected to. Security teams should prioritize patching this vulnerability immediately and advise users to avoid initiating device pairing with untrusted sources until updates are available.