Vulnerability Details CVE-2026-3562
Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the ed25519_sign_open function. The issue results from improper verification of a cryptographic signature. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-28480.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.0%
CVSS Severity
CVSS v3 Score 6.3
Products affected by CVE-2026-3562
-
cpe:2.3:h:philips:hue_bridge_v2:-
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01028090
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01029624
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01030262
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01031131
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01032318
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01033370
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01033989
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01035934
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01036562
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01036659
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01038390
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:01039019
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1705121051
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1707040932
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1709131301
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1711151408
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1801260942
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1802201122
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1804201116
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1806051111
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1808300701
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1809121051
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1811120916
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1901181309
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1931069120
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1931140050
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1932073040
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1932126170
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1933087030
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1933144020
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1934058060
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1934129020
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1935074050
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1935144020
-
cpe:2.3:o:philips:hue_bridge_v2_firmware:1935144040