8 matches found
CVE-2026-25507
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport protocommble layer. The issue can be triggered by a remote BLE client while the device is in...
CVE-2026-25508
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...
CVE-2026-25508 ESF-IDF Has Memory Safety Vulnerabilities in BLE Provisioning
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...
CVE-2026-25507 ESF-IDF Has Use-after-free Vulnerability in BLE Provisioning
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport protocommble layer. The issue can be triggered by a remote BLE client while the device is in...
CVE-2026-25507 ESF-IDF Has Use-after-free Vulnerability in BLE Provisioning
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport protocommble layer. The issue can be triggered by a remote BLE client while the device is in...
CVE-2025-68474 ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...
PT-2025-53611
Name of the Vulnerable Software and Affected Versions ESF-IDF versions 5.5.1 through 5.1.6 Description ESF-IDF, the Espressif Internet of Things IOT Development Framework, contains a flaw in the avrc vendor msg function within the BlueDroid AVRCP stack. The function validates the allocated buffer...
CVE-2025-65092 ESP32-P4 JPEG Decoder Header Parsing Vulnerability
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted malicious JPEG image could exploit the parsing routine and trigg...