CVE-2026-3556
Heap-Based Buffer Overflow in Philips Hue Bridge Enables RCE
Publication date: 2026-03-16
Last updated on: 2026-04-27
Assigner: Zero Day Initiative
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| philips | hue_bridge_v2_firmware | to 1975170000 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
I don't know
Can you explain this vulnerability to me?
This vulnerability is a heap-based buffer overflow in the Philips Hue Bridge's HomeKit Pair-Setup process. It occurs because the function hk_hap_pair_storage_put does not properly validate the length of user-supplied data before copying it into a fixed-length buffer on the heap. This flaw allows an attacker who is network-adjacent to execute arbitrary code on the affected device without needing to authenticate.
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows an attacker to execute arbitrary code remotely on the Philips Hue Bridge device. Since no authentication is required, an attacker could potentially take full control of the device, leading to compromise of the HomeKit service and possibly other connected smart home devices. The CVSS score of 8.8 indicates a high severity with impacts on confidentiality, integrity, and availability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know