CVE advisoryCRITICAL
CVE-2022-47758
Nanoleaf Firmware TLS Verification Bypass Allows Code Execution Via DNS Hijacking.
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
Nanoleaf firmware has a vulnerability where missing TLS verification can allow attackers to execute arbitrary code via DNS hijacking. This could impact device operation and potentially expose information, though the specific business impact is uncertain due to the technology typically residing on private networks.