CVE-2022-32502

May 14, 2024, 4:13 p.m.

Product(s) Impacted

Nuki Bridge

1.22.0
2.13.2

Nuki Bridge

before 1.22.0
before 2.13.2

Description

An issue was discovered on certain Nuki Home Solutions devices. There is a buffer overflow over the encrypted token parsing logic in the HTTP service that allows remote code execution. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2.

Weaknesses

Date

Published: May 14, 2024, 10:43 a.m.

Last Modified: May 14, 2024, 4:13 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/

cve@mitre.org

https://nuki.io/en/security-updates/

cve@mitre.org

https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/

cve@mitre.org

https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/

cve@mitre.org

CVE-2022-32502

Tags

Product(s) Impacted

Description

Weaknesses

Date

Status : Awaiting Analysis

Source

References

Share