CVE-2022-32503
📋 TL;DR
This vulnerability allows attackers with physical access to the JTAG port on Nuki smart lock devices to bypass hardware and software security protections. It affects Nuki Keypad versions before 1.9.2 and Nuki Fob versions before 1.8.1. Physical access to the device is required for exploitation.
💻 Affected Systems
- Nuki Keypad
- Nuki Fob
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the smart lock system allowing unauthorized access to secured premises, potential extraction of cryptographic keys, and permanent device compromise.
Likely Case
Local attacker with physical access to the device could extract sensitive information, modify device firmware, or bypass authentication mechanisms.
If Mitigated
With proper physical security controls, the risk is significantly reduced as physical access to the device is required.
🎯 Exploit Status
Exploitation requires physical access to the device and JTAG debugging hardware/software knowledge. No public exploit code has been released.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Nuki Keypad 1.9.2, Nuki Fob 1.8.1
Vendor Advisory: https://nuki.io/en/security-updates/
Restart Required: Yes
Instructions:
1. Update Nuki Keypad to firmware version 1.9.2 or later via the Nuki app. 2. Update Nuki Fob to firmware version 1.8.1 or later via the Nuki app. 3. Verify the update completed successfully.
🔧 Temporary Workarounds
Physical Security Enhancement
allImplement physical security measures to prevent unauthorized access to the device's JTAG port
Device Placement Strategy
allInstall devices in locations where physical access to the JTAG port is restricted or monitored
🧯 If You Can't Patch
- Implement strict physical access controls to prevent unauthorized individuals from accessing the devices
- Consider replacing affected devices with updated versions if physical security cannot be guaranteed
🔍 How to Verify
Check if Vulnerable:
Check device firmware version in the Nuki mobile app: Settings > Device Information > Firmware VersionCheck Version:
Check via Nuki mobile app: Settings > Device Information > Firmware VersionVerify Fix Applied:
Verify firmware version shows 1.9.2 or later for Nuki Keypad, or 1.8.1 or later for Nuki Fob in the Nuki app📡 Detection & Monitoring
Log Indicators:
- Physical tampering indicators, unusual device access patterns
Network Indicators:
- No network-based indicators as this is a physical access vulnerability
SIEM Query:
No applicable SIEM query as this is a physical access vulnerability🔗 References
- https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/
- https://nuki.io/en/security-updates/
- https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/
- https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/
- https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/
- https://nuki.io/en/security-updates/
- https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/
- https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/
