CVE-2022-32506

CVSS 6.4 MEDIUM · EPSS 0.4% · CWE-1263
In short

An attacker with physical access to a Nuki Smart Lock or Bridge device can use debug features on the circuit board to control the device's processor and to access or modify its firmware and stored data. Exploitation requires opening the device, but once the debug interface is reached it allows complete compromise of the lock's security.

Technical detail

The vulnerability stems from an exposed SWD (Serial Wire Debug) interface on affected Nuki devices, which allows an attacker with physical access to debug the ARM processor, read and write internal and external flash memory, and modify firmware execution. This affects Nuki Smart Lock 2.0, 3.0, and Bridge v1/v2 models before the patched versions given in the official description, enabling arbitrary code execution and credential extraction.

Summary generated and translated by AI from the official description.
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash memory. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Smart Lock 2.0 before 2.12.4, as well as Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2.
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
