EUVD-2025-7816

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Espressif ESP32 chips support 29 hidden HCI commands including 0xFC02 for memory writing.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-27840	8 Mar 202520:39	–	circl
CNNVD	Espressif ESP32 安全漏洞	8 Mar 202500:00	–	cnnvd
CVE	CVE-2025-27840	8 Mar 202500:00	–	cve
Cvelist	CVE-2025-27840	8 Mar 202500:00	–	cvelist
NVD	CVE-2025-27840	8 Mar 202520:15	–	nvd
Positive Technologies	PT-2025-10465	8 Mar 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-27840	10 Mar 202500:31	–	redhatcve
The Hacker News	⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More	17 Mar 202511:25	–	thn
Vulnrichment	CVE-2025-27840	8 Mar 202500:00	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "1add914c-b23a-3468-adad-97feb1fa6863",
        "vendor": {
          "name": "espressif"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "f7bb3246-7798-39a0-a540-51e3d02ea5b3",
        "product": {
          "name": "ESP32"
        },
        "product_version": "2025-03-06"
      }
    ]
  }
]

Source	Link
github	www.github.com/TarlogicSecurity/Talks/blob/main/2025_RootedCon_BluetoothTools.pdf
x	www.x.com/pascal_gujer/status/1898442439704158276
tarlogic	www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/
bleepingcomputer	www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/
reg	www.reg.rootedcon.com/cfp/schedule/talk/5
flyingpenguin	www.flyingpenguin.com/
github	www.github.com/em0gi/CVE-2025-27840
github	www.github.com/orgs/espruino/discussions/7699
bleepingcomputer	www.bleepingcomputer.com/news/security/undocumented-commands-found-in-bluetooth-chip-used-by-a-billion-devices/
darkmentor	www.darkmentor.com/blog/esp32_non-backdoor/

03 Oct 2025 20:07Current

9.3High risk

Vulners AI Score9.3

CVSS 3.16.8

EPSS0.00565

SSVC