← Retour aux CVEs
CVE-2026-3562
N/ADescription
Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ed25519_sign_open function. The issue results from improper verification of a cryptographic signature. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-28480.
Details CVE
Score CVSS v3.1N/A
Publie3/16/2026
Derniere modification3/16/2026
Sourcenvd
Observations honeypot0
Faiblesses (CWE)
CWE-347
References
https://www.zerodayinitiative.com/advisories/ZDI-26-160/(zdi-disclosures@trendmicro.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.