Information about Nuki security updates
According to our core values, Smart – Simple – Secure, we set the highest security standards for our products. After all, with Nuki we provide easy access to your own home, and this must be secure. Always. Around the clock.
To ensure the protection of our customers, we do not publish, discuss or confirm any security issues until we have investigated and resolved the issue, if any, and corresponding security updates are available to all customers.
If you think you have found a security or privacy vulnerability in a Nuki product, please contact
responsible-disclosure@nuki.io.
Upon receiving your message, we commit to providing a response within the upcoming 5 working days, adhering to our core business hours (Monday to Friday, 9am – 6pm CET). This response will be aimed at aligning on potential further steps as needed.
Tip: Install the latest Nuki updates!
In order to ensure the security level of your Nuki products, you should always keep the software up to date. Find out how to update your devices in our blog post.
Nuki security updates
CVE-2022-32509, CVE-2022-32504,
CVE-2022-32502, CVE-2022-32507,
CVE-2022-32503, CVE-2022-32510,
CVE-2022-32506, CVE-2022-32508,
CVE-2022-32505 (reported by NCC Group)
Nuki Smart Lock 3.0 (Pro)
Nuki Smart Lock 2.0
Nuki Opener
Nuki Bridge (1.0)
Nuki Bridge (2.0)
Nuki Keypad
Nuki Fob
3.3.5
2.12.4
1.8.1
1.22.0
2.13.2
1.9.2
1.8.1
The randomly generated challenge for the challenge response authorization flow is not truly random in some cases.
Nuki Smart Lock 2.0
Nuki Opener
2.12.1
1.8.0
SweynTooth Bluetooth® Low Energy (BLE) Vulnerability
Nuki Smart Lock 2.0
Nuki Smart Lock 1.0
2.7.20/2.7.30
1.9.3/1.9.6
KRACK WPA2 Vulnerability
Nuki Bridge (1.0)
1.1.0
