CVE-2026-3560
Heap-Based Buffer Overflow in Philips Hue Bridge Enables RCE
Publication date: 2026-03-16
Last updated on: 2026-04-27
Assigner: Zero Day Initiative
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| philips | hue_bridge_v2_firmware | to 1975170000 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2026-3560 is a heap-based buffer overflow vulnerability found in the Philips Hue Bridge's HomeKit implementation, specifically in the hk_hap_pair_storage_put function which listens on TCP port 8080 by default."}, {'type': 'paragraph', 'content': 'The flaw occurs because the function does not properly validate the length of user-supplied data before copying it into a heap-based buffer. This improper validation can lead to a buffer overflow.'}, {'type': 'paragraph', 'content': 'An attacker who is network-adjacent can exploit this vulnerability to execute arbitrary code on the affected device remotely without needing any authentication.'}] [1]
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': 'This vulnerability can have severe impacts as it allows an attacker to execute arbitrary code on the Philips Hue Bridge remotely without authentication.'}, {'type': 'list_item', 'content': "Complete compromise of the device's confidentiality, integrity, and availability."}, {'type': 'list_item', 'content': 'Potential unauthorized control over the Philips Hue Bridge and connected smart home devices.'}, {'type': 'list_item', 'content': 'Disruption of smart home operations or use of the device as a foothold for further network attacks.'}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability exists in the Philips Hue Bridge's HomeKit implementation, specifically in the hk_hap_pair_storage_put function that listens on TCP port 8080 by default."}, {'type': 'paragraph', 'content': 'To detect this vulnerability on your network or system, you can scan for devices with open TCP port 8080 that correspond to Philips Hue Bridge devices.'}, {'type': 'list_item', 'content': 'Use a network scanning tool like nmap to identify devices with port 8080 open: nmap -p 8080 <target-ip-range>'}, {'type': 'list_item', 'content': 'Once identified, you can attempt to interact with the HomeKit service on port 8080 to check for abnormal responses or signs of the vulnerable hk_hap_pair_storage_put function.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
The provided information does not include specific mitigation steps or patches for this vulnerability.