CVE-2022-32506
📋 TL;DR
This vulnerability allows an attacker with physical access to the circuit board of a Nuki smart lock or bridge to use the exposed hardware debug interface (SWD) to execute arbitrary code on the device, read or modify its firmware, and dump the contents of flash memory. It affects Nuki Smart Lock 2.0/3.0 and Bridge v1/v2 devices running firmware older than the fixed versions listed under Official Fix below. There is no network attack path; physical access to the device's circuit board is required for exploitation.
💻 Affected Systems
- Nuki Smart Lock 2.0
- Nuki Smart Lock 3.0
- Nuki Bridge v1
- Nuki Bridge v2
⚠️ Manual Verification Required
The CVE database entry for this issue carries no version ranges, so automatic vulnerability detection cannot determine from the CVE record alone whether your device is affected.
Why? The NVD entry does not specify which firmware versions are vulnerable. The fixed firmware versions are, however, published in the vendor advisory and repeated in the Official Fix section below, so verification comes down to comparing the firmware version shown in the Nuki app against those versions.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attacker gains full control of smart lock/bridge, can disable security features, extract encryption keys, modify firmware to create backdoors, or permanently compromise device functionality.
Likely Case
Attacker with physical access extracts sensitive data, modifies device behavior, or bypasses security mechanisms to gain unauthorized access.
If Mitigated
With firmware updates and physical security controls, risk is limited to devices that remain unpatched and physically accessible.
🎯 Exploit Status
Exploitation requires physical access to the device's circuit board and a hardware debug probe that speaks SWD (Serial Wire Debug, the two-wire Arm debug interface). Familiarity with embedded systems and debug tooling is needed, but no authentication, Bluetooth pairing or network access is involved.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Smart Lock 3.0: 3.3.5+, Smart Lock 2.0: 2.12.4+, Bridge v1: 1.22.0+, Bridge v2: 2.13.2+
Vendor Advisory: https://nuki.io/en/security-updates/
Restart Required: Yes
Instructions:
1. Open the Nuki app.
2. Check for firmware updates.
3. Apply the available updates.
4. The device restarts automatically after the update.
🔧 Temporary Workarounds
Physical Security Controls
Implement physical security measures (tamper-evident housing, restricted access to the installation site) to prevent unauthorized handling of the device hardware.
Disable Debug Interfaces
If a device supports locking out its SWD/JTAG interface in firmware, apply that configuration. Nuki devices expose no user-facing setting for this; the debug-port lockout is applied by the vendor firmware, so the firmware update listed above is the practical way to obtain it.
🧯 If You Can't Patch
- Implement strict physical access controls to prevent unauthorized handling of devices
- Consider replacing vulnerable devices with updated models if firmware cannot be updated
🔍 How to Verify
Check if Vulnerable:
Check firmware version in Nuki app: Settings > Device Information > Firmware Version
Check Version:
Not applicable - use Nuki mobile app interface
Verify Fix Applied:
Confirm that the firmware version meets or exceeds the patched version for your device model as listed in the Official Fix section above.
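The comparison above is easy to get wrong by hand, because firmware versions must be compared field by field rather than as strings ("2.12.4" is newer than "2.9.9", though it sorts earlier as text). The following is an added example, not Nuki's own tooling; it takes the fixed versions from the Official Fix section of this page and reports, for a device model and the firmware version read from the app, whether that device is patched. The model names and the sample inventory are assumptions made up for illustration.

```python
"""Check whether a Nuki device's firmware is at or above the version that
fixes CVE-2022-32506. Added example, not Nuki's own code.
Fixed versions are taken from the Official Fix section of this page."""

import re
from typing import Tuple

# Model -> first fixed firmware version, as listed on this page.
FIXED_VERSIONS = {
    "Smart Lock 2.0": "2.12.4",
    "Smart Lock 3.0": "3.3.5",
    "Bridge v1": "1.22.0",
    "Bridge v2": "2.13.2",
}


def parse_version(version: str) -> Tuple[int, ...]:
    """Parse a dotted firmware version such as '3.3.5' into a tuple of ints.

    Anything that is not a plain dotted-integer string is rejected, so a
    typo like '3.3.5a' raises instead of silently comparing as patched.
    """
    if not re.fullmatch(r"\d+(\.\d+)*", version):
        raise ValueError(f"unrecognised firmware version: {version!r}")
    return tuple(int(part) for part in version.split("."))


def is_patched(model: str, firmware_version: str) -> bool:
    """True when the reported firmware is at or above the fixed version.

    Versions are compared numerically field by field, zero-padded to the
    same length, so '2.12.4' > '2.9.9' and '1.22' == '1.22.0'.
    """
    if model not in FIXED_VERSIONS:
        raise KeyError(f"unknown model {model!r}; expected one of {sorted(FIXED_VERSIONS)}")
    have = parse_version(firmware_version)
    need = parse_version(FIXED_VERSIONS[model])
    width = max(len(have), len(need))
    have += (0,) * (width - len(have))
    need += (0,) * (width - len(need))
    return have >= need


def assess(model: str, firmware_version: str) -> str:
    """One-line assessment suitable for an inventory report."""
    status = "patched" if is_patched(model, firmware_version) else "VULNERABLE"
    return f"{model} firmware {firmware_version}: {status} (fixed in {FIXED_VERSIONS[model]})"


if __name__ == "__main__":
    # Constructed sample inventory (assumed values, not real device data).
    inventory = [
        ("Smart Lock 3.0", "3.3.5"),
        ("Smart Lock 3.0", "3.3.4"),
        ("Smart Lock 2.0", "2.9.9"),
        ("Bridge v2", "2.13.2"),
    ]
    for model, version in inventory:
        print(assess(model, version))
```

Run it against the firmware versions read from Settings > Device Information in the Nuki app; any line marked VULNERABLE needs the update described under Official Fix.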
📡 Detection & Monitoring
Log Indicators:
- Evidence of physical tampering (opened housing, marks on the circuit board, disturbed mounting)
- Unexpected device resets or periods of unavailability that coincide with physical access
- Firmware version changes or firmware modification alerts that you did not initiate
Network Indicators:
- None - physical access vulnerability
SIEM Query:
Not applicable - physical access attack leaves minimal digital traces
🔗 References
- https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/
- https://nuki.io/en/security-updates/
- https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/
- https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/