High severity8.8NVD Advisory· Published May 14, 2024· Updated Apr 15, 2026
CVE-2022-32507
CVE-2022-32507
Description
An issue was discovered on certain Nuki Home Solutions devices. Some BLE commands, which should have been designed to be only called from privileged accounts, could also be called from unprivileged accounts. This demonstrates that no access controls were implemented for the different BLE commands across the different accounts. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <3.3.5
Patches
Vulnerability mechanics
References
4- latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/nvd
- nuki.io/en/security-updates/nvd
- research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/nvd
- www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/nvd
News mentions
0No linked articles in our index yet.