Security Advisory

CVE-2022-32507

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-09 19:39:59

Last updated 2025-02-13 15:46:26

Assigner mitre

State PUBLISHED

Description

An issue was discovered on certain Nuki Home Solutions devices. Some BLE commands, which should have been designed to be only called from privileged accounts, could also be called from unprivileged accounts. This demonstrates that no access controls were implemented for the different BLE commands across the different accounts. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4.

← Browse all CVEs View on cve.org ↗