CVE-2026-3558
Awaiting Analysis Awaiting Analysis - Queue

Authentication Bypass in Philips Hue Bridge HomeKit Protocol

Vulnerability report for CVE-2026-3558, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-16

Last updated on: 2026-04-27

Assigner: Zero Day Initiative

Description

Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the HomeKit Accessory Protocol service, which listens on TCP port 8080 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-28374.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-16
Last Modified
2026-04-27
Generated
2026-07-06
AI Q&A
2026-03-16
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
philips hue_bridge_v2_firmware to 1975170000 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Impact Analysis

[{'type': 'paragraph', 'content': 'Exploiting this vulnerability allows an attacker to bypass authentication and gain unauthorized access to the Philips Hue Bridge system.'}, {'type': 'paragraph', 'content': 'The CVSS score of 8.1 indicates a high impact on confidentiality and integrity, meaning sensitive information could be exposed or altered.'}, {'type': 'paragraph', 'content': "However, there is no impact on availability, so the system's operation would not be disrupted."}] [1]

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability affects the Philips Hue Bridge's HomeKit Accessory Protocol service, which listens on TCP port 8080 by default."}, {'type': 'paragraph', 'content': 'To detect this vulnerability on your network or system, you can scan for devices with TCP port 8080 open that are running the Philips Hue Bridge service.'}, {'type': 'paragraph', 'content': 'A simple network scan command example using nmap would be:'}, {'type': 'list_item', 'content': 'nmap -p 8080 --open <target-ip-range>'}, {'type': 'paragraph', 'content': 'Once identified, further testing would require checking if the HomeKit Accessory Protocol service allows unauthenticated access, but specific commands or scripts for this are not provided in the available information.'}] [1]

Mitigation Strategies

The provided information does not include specific mitigation steps or patches for this vulnerability.

General immediate steps to mitigate such authentication bypass vulnerabilities include:

  • Restrict network access to the Philips Hue Bridge, especially limiting access to TCP port 8080 to trusted devices only.
  • Isolate the affected device on a separate network segment or VLAN to reduce exposure.
  • Monitor network traffic for unusual access attempts to port 8080.
  • Check for and apply any available firmware updates or patches from Philips that address this vulnerability.
Executive Summary

CVE-2026-3558 is an authentication bypass vulnerability in the Philips Hue Bridge, specifically within the HomeKit Accessory Protocol service that listens on TCP port 8080 by default.

The flaw exists because the service does not require authentication before allowing access to certain functionalities in its transient pairing mode.

This means that a network-adjacent attacker can exploit this vulnerability without any credentials or user interaction to gain unauthorized access to the affected system.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3558. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart