CVE-2022-32508 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
nuki	bridge_v1	𝑥 < 1.22.0	ADP
nuki	bridge_v2	𝑥 < 2.13.2	ADP

Common Weakness Enumeration

CWE-400 - Uncontrolled Resource Consumption
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References

https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/

https://nuki.io/en/security-updates/

https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/

https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/

https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/

https://nuki.io/en/security-updates/

https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/

https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/