VYPR

Nuki Smart Lock

by Nuki

CVEs (3)

  • CVE-2022-32509HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.0 and Nuki Bridge v2 before 2.13.2.

  • CVE-2022-32503HigMay 14, 2024
    risk 0.49cvss 7.6epss 0.01

    An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to this JTAG port may be able to connect to the device and bypass both hardware and software security protections. This affects Nuki Keypad before 1.9.2 and Nuki Fob before 1.8.1.

  • CVE-2022-32505HigMay 14, 2024
    risk 0.46cvss 7.1epss 0.00

    An issue was discovered on certain Nuki Home Solutions devices. It is possible to send multiple BLE malformed packets to block some of the functionality and reboot the device. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4.