The security flaw was discovered is in the ZigBee wireless communication protocol that is used by a wide range of smart home devices. Researchers at Check Point discovered the issue and developed an attack that allowed them to hack into other devices on the same network as the vulnerable Philips Hue bulb. An attacker can jump to other systems on the network using known exploits, such as the infamous EternalBlue. Check Point reported their finding to Signify, the Philips Hue parent company, who acknowledged the vulnerability and fixed it in firmware version 1935144040.
Source: https://www.bleepingcomputer.com/news/security/bug-in-philips-smart-light-allows-hopping-to-devices-on-the-network/