We found and responsibly disclosed vulnerabilities in the Nanoleaf smart lamp firmware. We performed extensive research on their embedded devices and analyzed several attack surfaces. At the end of the research period, we managed to remotely take over devices by (locally) hijacking a communications channel used for debugging. The conclusion was that a malicious actor could redirect network traffic to hack arbitrary Nanoleaf lamps, regardless of any firewalls.
The vulnerability got allocated CVE-2022-47758.