CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-3559

Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the SRP authentication mechanism in the HomeKit Accessory Protocol service, which listens on TCP port 8080 by default. The issue results from the use of a static nonce value. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-28451.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.7%

CVSS Severity

CVSS v3 Score 8.1

References

https://www.zerodayinitiative.com/advisories/ZDI-26-157/

Products affected by CVE-2026-3559

Philips » Hue Bridge V2 » Version: N/A

cpe:2.3:h:philips:hue_bridge_v2:-
Philips » Hue Bridge V2 Firmware » Version: 01028090

cpe:2.3:o:philips:hue_bridge_v2_firmware:01028090
Philips » Hue Bridge V2 Firmware » Version: 01029624

cpe:2.3:o:philips:hue_bridge_v2_firmware:01029624
Philips » Hue Bridge V2 Firmware » Version: 01030262

cpe:2.3:o:philips:hue_bridge_v2_firmware:01030262
Philips » Hue Bridge V2 Firmware » Version: 01031131

cpe:2.3:o:philips:hue_bridge_v2_firmware:01031131
Philips » Hue Bridge V2 Firmware » Version: 01032318

cpe:2.3:o:philips:hue_bridge_v2_firmware:01032318
Philips » Hue Bridge V2 Firmware » Version: 01033370

cpe:2.3:o:philips:hue_bridge_v2_firmware:01033370
Philips » Hue Bridge V2 Firmware » Version: 01033989

cpe:2.3:o:philips:hue_bridge_v2_firmware:01033989
Philips » Hue Bridge V2 Firmware » Version: 01035934

cpe:2.3:o:philips:hue_bridge_v2_firmware:01035934
Philips » Hue Bridge V2 Firmware » Version: 01036562

cpe:2.3:o:philips:hue_bridge_v2_firmware:01036562
Philips » Hue Bridge V2 Firmware » Version: 01036659

cpe:2.3:o:philips:hue_bridge_v2_firmware:01036659
Philips » Hue Bridge V2 Firmware » Version: 01038390

cpe:2.3:o:philips:hue_bridge_v2_firmware:01038390
Philips » Hue Bridge V2 Firmware » Version: 01039019

cpe:2.3:o:philips:hue_bridge_v2_firmware:01039019
Philips » Hue Bridge V2 Firmware » Version: 1705121051

cpe:2.3:o:philips:hue_bridge_v2_firmware:1705121051
Philips » Hue Bridge V2 Firmware » Version: 1707040932

cpe:2.3:o:philips:hue_bridge_v2_firmware:1707040932
Philips » Hue Bridge V2 Firmware » Version: 1709131301

cpe:2.3:o:philips:hue_bridge_v2_firmware:1709131301
Philips » Hue Bridge V2 Firmware » Version: 1711151408

cpe:2.3:o:philips:hue_bridge_v2_firmware:1711151408
Philips » Hue Bridge V2 Firmware » Version: 1801260942

cpe:2.3:o:philips:hue_bridge_v2_firmware:1801260942
Philips » Hue Bridge V2 Firmware » Version: 1802201122

cpe:2.3:o:philips:hue_bridge_v2_firmware:1802201122
Philips » Hue Bridge V2 Firmware » Version: 1804201116

cpe:2.3:o:philips:hue_bridge_v2_firmware:1804201116
Philips » Hue Bridge V2 Firmware » Version: 1806051111

cpe:2.3:o:philips:hue_bridge_v2_firmware:1806051111
Philips » Hue Bridge V2 Firmware » Version: 1808300701

cpe:2.3:o:philips:hue_bridge_v2_firmware:1808300701
Philips » Hue Bridge V2 Firmware » Version: 1809121051

cpe:2.3:o:philips:hue_bridge_v2_firmware:1809121051
Philips » Hue Bridge V2 Firmware » Version: 1811120916

cpe:2.3:o:philips:hue_bridge_v2_firmware:1811120916
Philips » Hue Bridge V2 Firmware » Version: 1901181309

cpe:2.3:o:philips:hue_bridge_v2_firmware:1901181309
Philips » Hue Bridge V2 Firmware » Version: 1931069120

cpe:2.3:o:philips:hue_bridge_v2_firmware:1931069120
Philips » Hue Bridge V2 Firmware » Version: 1931140050

cpe:2.3:o:philips:hue_bridge_v2_firmware:1931140050
Philips » Hue Bridge V2 Firmware » Version: 1932073040

cpe:2.3:o:philips:hue_bridge_v2_firmware:1932073040
Philips » Hue Bridge V2 Firmware » Version: 1932126170

cpe:2.3:o:philips:hue_bridge_v2_firmware:1932126170
Philips » Hue Bridge V2 Firmware » Version: 1933087030

cpe:2.3:o:philips:hue_bridge_v2_firmware:1933087030
Philips » Hue Bridge V2 Firmware » Version: 1933144020

cpe:2.3:o:philips:hue_bridge_v2_firmware:1933144020
Philips » Hue Bridge V2 Firmware » Version: 1934058060

cpe:2.3:o:philips:hue_bridge_v2_firmware:1934058060
Philips » Hue Bridge V2 Firmware » Version: 1934129020

cpe:2.3:o:philips:hue_bridge_v2_firmware:1934129020
Philips » Hue Bridge V2 Firmware » Version: 1935074050

cpe:2.3:o:philips:hue_bridge_v2_firmware:1935074050
Philips » Hue Bridge V2 Firmware » Version: 1935144020

cpe:2.3:o:philips:hue_bridge_v2_firmware:1935144020
Philips » Hue Bridge V2 Firmware » Version: 1935144040

cpe:2.3:o:philips:hue_bridge_v2_firmware:1935144040

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-3559

Products

Pricing

Contact Us