CVE-2020-16146

2021-01-1203:15:12

Google

osv.dev

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.2%

JSON

Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btc_blufi_recv_handler function in blufi_prf.c. An attacker can send a crafted BluFi protocol Write Attribute command to characteristic 0xFF01. With manipulated packet fields, there is a buffer overflow.

CPENameOperatorVersion
esp-idfeq3.1.2
esp-idfeq3.2.2
esp-idfeq3.3.1
esp-idfeq3.2.3
esp-idfeq4.0-rc
esp-idfeq3.3.2
esp-idfeq3.0.4-rc1
esp-idfeq3.0.5-rc
esp-idfeq3.0.6
esp-idfeq3.0.3-rc

Name	Operator	Version
esp-idf	eq	3.1.2
esp-idf	eq	3.2.2
esp-idf	eq	3.3.1
esp-idf	eq	3.2.3
esp-idf	eq	4.0-rc
esp-idf	eq	3.3.2
esp-idf	eq	3.0.4-rc1
esp-idf	eq	3.0.5-rc
esp-idf	eq	3.0.6
esp-idf	eq	3.0.3-rc