CVE-2025-65821

As UART download mode is still enabled on the ESP32 chip on which the firmware runs, an adversary can dump the flash from the device and retrieve sensitive information such as details about the current and previous Wi-Fi network from the NVS partition. Additionally, this allows the adversary to...

CVE-2025-65821

As UART download mode is still enabled on the ESP32 chip on which the firmware runs, an adversary can dump the flash from the device and retrieve sensitive information such as details about the current and previous Wi-Fi network from the NVS partition. Additionally, this allows the adversary to...

CVE-2020-13595

The Bluetooth Low Energy BLE controller implementation in Espressif ESP-IDF 4.0 through 4.2 for ESP32 devices returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can...

The vulnerabilities of the API interfaces of microprogramming software for thermal scanning systems like FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi, which allow attackers to gain unauthorized access to protected information.

The vulnerability of the API interfaces of microprogramming software for thermal scanning systems like FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi involves the absence of authentication procedures for critical functions. Exploiting this vulnerability could allow ...