Description
Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the ed25519_sign_open function. The issue results from improper verification of a cryptographic signature. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-28480.
Published: 2026-03-13
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability in Philips Hue Bridge involves improper verification of an Ed25519 cryptographic signature within the ed25519_sign_open function, enabling attackers to bypass authentication and execute arbitrary code on the device. This flaw falls under the Common Weakness Enumeration ID CWE-347. The impact is the potential for an adversary to compromise the bridge’s confidentiality, integrity, and availability, effectively controlling the device without needing valid credentials.

Affected Systems

Affected vendor: Philips; affected product: Hue Bridge. Specific version information is not provided in the available data, so any installation of the Hue Bridge that incorporates the flawed ed25519_sign_open implementation is potentially impacted. The vulnerability is listed as being exploitable by network-adjacent attackers.

Risk and Exploitability

The CVSS score is 8.8, indicating high severity, while the EPSS score of less than 1% suggests a low probability of exploitation in the near term. The vulnerability is not currently listed in the CISA KEV catalog, which further indicates it has not yet been widely observed in the wild. Attackers with lateral network access can exploit the flaw without authentication; however, the specific conditions required for successful code execution are not detailed in the data and thus remain inferred from the description. Overall, the risk is non‑negligible, and mitigation should be pursued promptly once a vendor patch or workaround becomes available.

Generated by OpenCVE AI on April 28, 2026 at 09:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check Philips Hue support or product website for a firmware update or official patch to address the flaw.
  • Apply the vendor‑released patch or firmware update as soon as it becomes available.
  • If a patch is not yet available, isolate the Hue Bridge from untrusted local network segments using VLAN or firewall rules to reduce the attack surface.
  • Limit or disable any remote management services on the bridge that are not required for operation.
  • Monitor local network traffic for anomalous attempts to interact with the Hue Bridge and investigate any suspicious activity.
  • Report any exploitation indicators to Philips security support and follow any advisories issued by the vendor.

Generated by OpenCVE AI on April 28, 2026 at 09:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Philips
Philips hue Bridge V2
Philips hue Bridge V2 Firmware
CPEs cpe:2.3:h:philips:hue_bridge_v2:-:*:*:*:*:*:*:*
cpe:2.3:o:philips:hue_bridge_v2_firmware:*:*:*:*:*:*:*:*
Vendors & Products Philips
Philips hue Bridge V2
Philips hue Bridge V2 Firmware
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Mon, 16 Mar 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 16 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Phillips
Phillips hue Bridge
Vendors & Products Phillips
Phillips hue Bridge

Fri, 13 Mar 2026 21:00:00 +0000

Type Values Removed Values Added
Description Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ed25519_sign_open function. The issue results from improper verification of a cryptographic signature. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-28480.
Title Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability
Weaknesses CWE-347
References
Metrics cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

Subscriptions

Philips Hue Bridge V2 Hue Bridge V2 Firmware
Phillips Hue Bridge
cve-icon MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-03-16T20:21:33.688Z

Reserved: 2026-03-04T19:42:57.379Z

Link: CVE-2026-3562

cve-icon Vulnrichment

Updated: 2026-03-16T20:21:29.149Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-16T14:19:52.337

Modified: 2026-04-27T14:28:53.410

Link: CVE-2026-3562

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T09:30:26Z

Weaknesses