CVE-2026-3558
Awaiting Analysis Awaiting Analysis - Queue
Authentication Bypass in Philips Hue Bridge HomeKit Protocol

Publication date: 2026-03-16

Last updated on: 2026-04-27

Assigner: Zero Day Initiative

Description
Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the HomeKit Accessory Protocol service, which listens on TCP port 8080 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-28374.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-04-27
Generated
2026-06-16
AI Q&A
2026-03-16
EPSS Evaluated
2026-06-14
NVD
CVE-2026-3558
EUVD
EUVD-2026-12159
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
philips hue_bridge_v2_firmware to 1975170000 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-3558 is an authentication bypass vulnerability in the Philips Hue Bridge, specifically within the HomeKit Accessory Protocol service that listens on TCP port 8080 by default.

The flaw exists because the service does not require authentication before allowing access to certain functionalities in its transient pairing mode.

This means that a network-adjacent attacker can exploit this vulnerability without any credentials or user interaction to gain unauthorized access to the affected system.

Impact Analysis

[{'type': 'paragraph', 'content': 'Exploiting this vulnerability allows an attacker to bypass authentication and gain unauthorized access to the Philips Hue Bridge system.'}, {'type': 'paragraph', 'content': 'The CVSS score of 8.1 indicates a high impact on confidentiality and integrity, meaning sensitive information could be exposed or altered.'}, {'type': 'paragraph', 'content': "However, there is no impact on availability, so the system's operation would not be disrupted."}] [1]

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability affects the Philips Hue Bridge's HomeKit Accessory Protocol service, which listens on TCP port 8080 by default."}, {'type': 'paragraph', 'content': 'To detect this vulnerability on your network or system, you can scan for devices with TCP port 8080 open that are running the Philips Hue Bridge service.'}, {'type': 'paragraph', 'content': 'A simple network scan command example using nmap would be:'}, {'type': 'list_item', 'content': 'nmap -p 8080 --open <target-ip-range>'}, {'type': 'paragraph', 'content': 'Once identified, further testing would require checking if the HomeKit Accessory Protocol service allows unauthenticated access, but specific commands or scripts for this are not provided in the available information.'}] [1]

Mitigation Strategies

The provided information does not include specific mitigation steps or patches for this vulnerability.

General immediate steps to mitigate such authentication bypass vulnerabilities include:

  • Restrict network access to the Philips Hue Bridge, especially limiting access to TCP port 8080 to trusted devices only.
  • Isolate the affected device on a separate network segment or VLAN to reduce exposure.
  • Monitor network traffic for unusual access attempts to port 8080.
  • Check for and apply any available firmware updates or patches from Philips that address this vulnerability.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3558. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart