High severity7.5NVD Advisory· Published Nov 14, 2019· Updated Jun 17, 2026
CVE-2019-18980
CVE-2019-18980
Description
On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. The only requirement is that the attacker have network access to the bulb.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- blog.dammitly.net/2019/10/cheap-hackable-wifi-light-bulbs-or-iot.htmlnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.