What is CVE-2026-3562?

CVE-2026-3562 is a medium-severity vulnerability in Philips Hue Bridge, classified under Improper Verification of Cryptographic Signature. CVSS score: 6.3/10. Published 2026-03-13.

How severe is CVE-2026-3562?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Vulnerability in Philips Hue Bridge

CVE-2026-3562

Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is…

EPSS: 0.000 (6.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

Philips Hue Bridge — versions 1.73.1973146020

Weakness classification (CWE)

CWE-347 — Improper Verification of Cryptographic Signature

References

ZDI-26-160 (x_research-advisory)

Frequently asked questions

What is CVE-2026-3562?: CVE-2026-3562 is a medium-severity vulnerability in Philips Hue Bridge, classified under Improper Verification of Cryptographic Signature. CVSS score: 6.3/10. Published 2026-03-13.
How severe is CVE-2026-3562?: Medium severity. CVSS v3 base score is 6.3 out of 10.