An issue exists on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner device. This affects Nuki Smart Lock 3.0 prior to 3.3.5 and 2.0 prior to 2.12.4, as well as Nuki Bridge v1 prior to 1.22.0 and v2 prior to 2.13.2.