CVE-2020-6007

Summary

Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution.

Affected Software

VendorProductVersion RangeStatus
n/aPhilips Hue Bridge 2.XAll versions prior to and including 1935144020affected

Weaknesses

  • CWE-122: CWE-122: Heap-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References