Lucene search
K

84 matches found

Vulnrichment
Vulnrichment
added 2026/03/13 8:36 p.m.4 views

CVE-2026-3558 Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability

Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. Th...

8.1CVSS7.3AI score0.004EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 8:36 p.m.7 views

CVE-2026-3558

Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. Th...

8.1CVSS5.9AI score0.004EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/13 8:36 p.m.12 views

CVE-2026-3558

CVE-2026-3558 affects Philips Hue Bridge via HomeKit Accessory Protocol. The flaw lies in the service configuration listening on TCP port 8080, where authentication is not required, enabling network-adjacent attackers to bypass authentication and access sensitive functionality. Impact is high for...

8.1CVSS7.3AI score0.004EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/13 8:36 p.m.34 views

CVE-2026-3558 Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability

Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. Th...

8.1CVSS0.004EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 8:36 p.m.21 views

CVE-2026-3556

The CVE-2026-3556 issue affects Philips Hue Bridge, specifically in the hk_hap_pair_storage_put function used during HomeKit pairing. The vulnerability is a heap-based buffer overflow caused by inadequate validation of user-supplied data length prior to copying into a fixed-length heap buffer, al...

8.8CVSS7.8AI score0.00514EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/13 8:36 p.m.2 views

CVE-2026-3556 Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability

Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The...

8.8CVSS7.8AI score0.00514EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 8:36 p.m.36 views

CVE-2026-3556 Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability

Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The...

8.8CVSS0.00514EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 8:36 p.m.2 views

CVE-2026-3556

Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The...

8.8CVSS6.3AI score0.00514EPSS
Exploits0References2Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2026/03/06 12:0 a.m.6 views

(Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the HomeKit Accessory Protocol service, which listens o...

8.1CVSS5.8AI score0.004EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/06 12:0 a.m.6 views

(Pwn2Own) Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hkhappairstorageput function. The issue results from the lack of proper...

8.8CVSS6.2AI score0.00514EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.9 views

PT-2026-23777

Name of the Vulnerable Software and Affected Versions Philips Hue Bridge affected versions not specified Description A security issue exists in the Philips Hue Bridge related to the HomeKit Accessory Protocol. Specifically, a static nonce authentication bypass is possible. This allows an attacker...

8.1CVSS7.2AI score0.00396EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2026/03/06 12:0 a.m.5 views

(Pwn2Own) Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hkhappairstorageput function of the HomeKit implementation, which liste...

8.8CVSS6.2AI score0.00485EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.8 views

PT-2026-23774

Name of the Vulnerable Software and Affected Versions Philips Hue Bridge affected versions not specified Description The Philips Hue Bridge is susceptible to a heap-based buffer overflow during the HomeKit pair-setup process. This issue could allow for remote code execution. The vulnerability was...

8.8CVSS7.9AI score0.00514EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.10 views

PT-2026-23778

Name of the Vulnerable Software and Affected Versions Philips Hue Bridge affected versions not specified Description A heap-based buffer overflow exists in the HomeKit component of the Philips Hue Bridge, specifically within the hk hap pair storage put function. This issue could allow for remote...

8.8CVSS7.9AI score0.00485EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2026/03/06 12:0 a.m.6 views

(Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the SRP authentication mechanism in the HomeKit Accesso...

8.1CVSS5.8AI score0.00396EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.5 views

PT-2026-23776

Name of the Vulnerable Software and Affected Versions Philips Hue Bridge affected versions not specified Description A security issue exists in the Philips Hue Bridge related to the HomeKit Accessory Protocol. Specifically, a transient pairing mode authentication bypass is possible. This allows...

8.1CVSS7.2AI score0.004EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-5418

Malware in sbrugna...

7.5CVSS7.6AI score0.01059EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-11617

Malware in sbrugna...

10CVSS9.4AI score0.02431EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-14672

Malware in sbrugna...

8.2CVSS8.2AI score0.00936EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-14671

Malware in sbrugna...

7.8CVSS7.6AI score0.01674EPSS
Exploits1References2
Rows per page
Query Builder