Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution.
[
{
"product": "Philips Hue Bridge 2.X",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 1935144020"
}
]
}
]