CVE-2022-32502
📋 TL;DR
This vulnerability allows remote attackers to execute arbitrary code on Nuki Bridge devices via a buffer overflow in the encrypted token parsing logic of the HTTP service. It affects Nuki Bridge v1 before version 1.22.0 and v2 before version 2.13.2, potentially compromising smart lock systems.
💻 Affected Systems
- Nuki Bridge v1
- Nuki Bridge v2
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to full device compromise, unauthorized smart lock control, physical security bypass, and potential lateral movement in the network.
Likely Case
Remote attackers gaining control of the Nuki Bridge to manipulate smart locks, access home networks, or deploy malware.
If Mitigated
Limited impact if devices are patched, isolated from untrusted networks, and monitored for suspicious activity.
🎯 Exploit Status
Exploitation requires network access to the HTTP service; no public proof-of-concept is documented.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v1.22.0 for Bridge v1, v2.13.2 for Bridge v2
Vendor Advisory: https://nuki.io/en/security-updates/
Restart Required: Yes
Instructions:
1. Access the Nuki Bridge via the Nuki app or web interface.
2. Check for firmware updates in settings.
3. Apply the update to version 1.22.0 or higher for v1, or 2.13.2 or higher for v2.
4. Restart the device after the update.
🔧 Temporary Workarounds
Network Isolation
Restrict network access to Nuki Bridge devices to trusted IPs only.
Disable HTTP Service
If possible, disable the HTTP service on the Nuki Bridge to block remote exploitation vectors.
🧯 If You Can't Patch
- Isolate Nuki Bridge devices on a separate VLAN with strict firewall rules.
- Monitor network traffic for unusual HTTP requests to the Bridge and implement intrusion detection.
🔍 How to Verify
Check if Vulnerable:
Check the firmware version in the Nuki app or web interface; a Bridge v1 running a version below 1.22.0, or a Bridge v2 running a version below 2.13.2, is vulnerable.
Check Version:
Use the Nuki app or access the Bridge's web interface to view firmware version in settings.
Verify Fix Applied:
Confirm the firmware version is updated to v1.22.0 or higher for Bridge v1, or v2.13.2 or higher for Bridge v2.
📡 Detection & Monitoring
Log Indicators:
- Unusual or malformed HTTP requests to the Bridge's HTTP service that may indicate buffer overflow attempts.
Network Indicators:
- Suspicious traffic to port 80/8080 on Nuki Bridge IPs, unexpected outbound connections from the Bridge.
SIEM Query:
Example: 'source_ip: external AND dest_ip: nuki_bridge AND (http_method: POST OR http_uri: /token)'
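The SIEM query above can be turned into a small offline detection check. The following is an added example, not part of the original advisory or of Nuki's own tooling: it applies the same three conditions (external source, Nuki Bridge destination, POST method or /token URI) to a constructed, simplified access-log format. The bridge address, the trusted internal ranges, the log line layout and the request paths other than /token are all assumptions for the demonstration; adapt the regex and the address sets to your own log source.

```python
"""Flag HTTP requests to Nuki Bridge IPs matching the advisory's SIEM query:
source is external AND destination is a bridge AND (method is POST OR URI is /token).

Added example; the log format and addresses below are constructed for the demo.
"""
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional

# Assumption: bridge addresses and trusted internal ranges are known (constructed values).
BRIDGE_IPS = {"192.168.1.50"}
TRUSTED_NETS = [
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("10.0.0.0/8"),
]

# Constructed log layout: "<timestamp> <src_ip> <dst_ip> <method> <uri> <status>"
LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) ([A-Z]+) (\S+) (\d{3})$")


@dataclass
class Alert:
    timestamp: str
    src_ip: str
    uri: str
    reason: str


def is_external(ip: str) -> bool:
    """True when the address lies outside every trusted internal range."""
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in TRUSTED_NETS)


def match_line(line: str) -> Optional[Alert]:
    """Return an Alert if the line satisfies the SIEM query, else None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # unparseable lines are skipped rather than alerted on
    ts, src, dst, method, uri, _status = m.groups()
    try:
        if dst not in BRIDGE_IPS or not is_external(src):
            return None
    except ValueError:
        return None  # malformed IP field; treat as unparseable
    reasons = []
    if method == "POST":
        reasons.append("POST to bridge")
    if uri.startswith("/token"):
        reasons.append("token endpoint")
    if not reasons:
        return None
    return Alert(ts, src, uri, "; ".join(reasons))


def scan(lines: List[str]) -> List[Alert]:
    """Run match_line over every line and collect the alerts."""
    return [a for a in (match_line(l) for l in lines) if a is not None]


# Constructed sample log: two lines should alert, the rest should not.
SAMPLE_LOG = [
    "2022-07-28T10:00:01Z 192.168.1.20 192.168.1.50 GET /info 200",   # internal source
    "2022-07-28T10:00:02Z 203.0.113.5 192.168.1.50 GET /token 401",   # external, /token
    "2022-07-28T10:00:03Z 203.0.113.5 192.168.1.50 POST /lock 400",   # external, POST
    "2022-07-28T10:00:04Z 203.0.113.5 192.168.1.60 POST /token 200",  # not a bridge IP
    "2022-07-28T10:00:05Z 203.0.113.5 192.168.1.50 GET /list 200",    # external GET, no /token
    "this line is not a log entry",                                    # skipped
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(f"{alert.timestamp} {alert.src_ip} {alert.uri}: {alert.reason}")
```

The check deliberately ignores lines it cannot parse instead of alerting on them, so a format change in the log source surfaces as missing alerts rather than a flood of false positives; pair it with a simple count of skipped lines in production.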
🔗 References
- https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/
- https://nuki.io/en/security-updates/
- https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/
- https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/