Information about Nuki security updates

According to our core values, Smart – Simple – Secure, we set the highest security standards for our products. After all, with Nuki we provide easy access to your own home, and this must be secure. Always. Around the clock.

To ensure the protection of our customers, we do not publish, discuss or confirm any security issues until we have investigated and resolved the issue, if any, and corresponding security updates are available to all customers.

If you think you have found a security or privacy vulnerability in a Nuki product, please contact
responsible-disclosure@nuki.io.

Upon receiving your message, we commit to providing a response within the upcoming 5 working days, adhering to our core business hours (Monday to Friday, 9am – 6pm CET). This response will be aimed at aligning on potential further steps as needed.

Tip: Install the latest Nuki updates!


In order to ensure the security level of your Nuki products, you should always keep the software up to date. Find out how to update your devices in this article.

Nuki security updates

2022.6

CVE-2022-32509, CVE-2022-32504,
CVE-2022-32502, CVE-2022-32507,
CVE-2022-32503, CVE-2022-32510,
CVE-2022-32506, CVE-2022-32508,
CVE-2022-32505 (reported by NCC Group)

Devices

Nuki Smart Lock 3.0 (Pro)
Nuki Smart Lock 2.0
Nuki Opener
Nuki Bridge (1.0)
Nuki Bridge (2.0)
Nuki Keypad
Nuki Fob

Version

3.3.5
2.12.4
1.8.1
1.22.0
2.13.2
1.9.2
1.8.1

2022.3

The randomly generated challenge for the challenge response authorization flow is not truly random in some cases.

Devices

Nuki Smart Lock 2.0
Nuki Opener

Version

2.12.1
1.8.0

2020.7

SweynTooth Bluetooth® Low Energy (BLE) Vulnerability

Devices

Nuki Smart Lock 2.0
Nuki Smart Lock 1.0

Version

2.7.20/2.7.30
1.9.3/1.9.6

2017.10

KRACK WPA2 Vulnerability

Devices

Nuki Bridge (1.0)

Version

1.1.0