CVE-2025-64342

CVE-2025-64342 affects ESF-IDF (Espressif IoT Development Framework) used with ESP32 Bluetooth controller. When in advertising mode, receiving a connection request with an invalid Access Address (AA) of 0x00000000 or 0xFFFFFFFF may cause advertising to stop unexpectedly and the controller to repo...

CVE-2025-64342 ESF-IDF's ESP32 Bluetooth Controller Has an Invalid Access Address Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

PT-2024-24755 · Samsung · Samsung Galaxy Smarttag2

Name of the Vulnerable Software and Affected Versions: Samsung Galaxy SmartTag2 versions prior to 0.20.04 Description: The issue allows attackers to potentially identify the tag's location by scanning the BLE advertising, exposing sensitive information to unauthorized actors. Recommendations: For...

CVE-2023-21423

Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action...