
CVE-2018-7580 – Philips Hue Denial of Service
https://notcve.org/view.php?id=CVE-2018-7580
21 Dec 2020 — Philips Hue is vulnerable to a Denial of Service attack. Sending a SYN flood on port tcp/80 will freeze Philips Hue's hub and it will stop responding. The "hub" will stop operating and be frozen until the flood stops. During the flood, the user won't be able to turn on/off the lights, and all of the hub's functionality will be unresponsive. The cloud service also won't work with the hub. • https://packetstorm.news/files/id/160724 • CWE-400: Uncontrolled Resource Consumption

CVE-2020-6007
https://notcve.org/view.php?id=CVE-2020-6007
23 Jan 2020 — Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in remote code execution. • https://research.checkpoint.com/2020/dont-be-silly-its-only-a-lightbulb • CWE-122: Heap-based Buffer Overflow • CWE-787: Out-of-bounds Write

CVE-2017-14797
https://notcve.org/view.php?id=CVE-2017-14797
30 Sep 2017 — Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obtain complete control of the connected accessories) by leveraging the ability to sniff HTTP traffic on the local intranet network. • https://www.tiferrei.com/philips-we-need-to-talk • CWE-326: Inadequate Encryption Strength