ZDI-26-159 HIGH 8.0 Published Mar 06, 2026

Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability

Philips

A high-severity heap-based buffer overflow (CVSS 8.0) in hk_hap characteristics on the Philips Hue Bridge allows network-adjacent attackers to execute arbitrary code. Exploitation requires network-adjacent access to the device, but attackers do not need valid credentials, because the device's authentication mechanism can be bypassed. Security teams should prioritize patching affected Philips Hue Bridge installations immediately and consider network segmentation to limit access to these devices until patches are applied.
