Lucene search
+L

175 matches found

cve
cve
added 2023/07/17 12:0 a.m.61 views

CVE-2023-35818

The CVE-2023-35818 issue affects Espressif ESP32 3.0 (ESP32_rev300 ROM). An EMFI attack on ECO3 allows an attacker to influence the program counter at CPU context level, independent of Secure Boot and Flash Encryption. This enables access to ROM download mode, potentially allowing reading of encr...

6.8CVSS6.6AI score0.00198EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/09/29 1:42 a.m.32 views

CVE-2020-11015 Device Authentication Vulnerability in thinx-device-api IoT Device Management Server

A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. Device MAC address can be spoofed. This means initial registration requests without UDID and spoofed MAC address may pass to create new UDID with same MAC address. Full impact needs to be...

7.5CVSS9.2AI score0.00737EPSS
Exploits0References1
cve
cve
added 2022/09/29 1:42 a.m.48 views

CVE-2020-11015

CVE-2020-11015 affects the thinx-device-api IoT Device Management Server prior to firmware 2.5.0. The root issue allows a spoofed MAC address to bypass UDID checks during initial registration, potentially enabling creation of a new UDID with the same MAC address (noted to apply to ESP8266/ESP32 d...

9.1CVSS8.5AI score0.00737EPSS
Exploits0References1Affected Software1
bdu_fstec
bdu_fstec
added 2022/06/29 12:0 a.m.7 views

The vulnerability of the first-stage bootloader in ESP32 microcontrollers’ microprogramming software allows a hacker to obtain secure boot keys.

The vulnerability of the first-stage Secure Boot loader of ESP32 microcontrollers’ microprogramming software is related to insufficient handling of exceptional states. Exploiting this vulnerability can allow attackers to obtain secure boot keys...

4.9CVSS5.5AI score0.00245EPSS
Exploits0References2
threatpost
threatpost
added 2021/11/05 5:0 p.m.38 views

BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released

The embargo period is over for a proof-of-concept PoC tool to test for the recently revealed BrakTooth flaws in Bluetooth devices, and the researchers who discovered them have released both the test kit and full exploit code for the bugs. BrakTooth is a collection of flaws affecting commercial...

8.5AI score
Exploits0References20
bdu_fstec
bdu_fstec
added 2021/10/08 12:0 a.m.6 views

The vulnerability of the Bluetooth Classic implementation of the microprogramming software for the ESP-WROVER-KIT development board, which is used for the ESP32 Wi-Fi/Bluetooth module series, allows a hacker to execute arbitrary code.

The vulnerability of the Bluetooth Classic implementation of the microprogramming software for the ESP-WROVER-KIT development board for the ESP32 Wi-Fi/Bluetooth series modules is related to insufficient verification of input data. Exploiting this vulnerability could allow a remote attacker to...

6.5CVSS7AI score0.00452EPSS
Exploits0References4Affected Software1
prion
prion
added 2021/09/28 4:15 p.m.16 views

Default credentials

ESPHome is a system to control the ESP8266/ESP32. Anyone with webserver enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which webserver allows over-the-air OTA updates without checking user defined basic auth username & password. This issue is...

4.3CVSS7.3AI score0.01175EPSS
Exploits0References3Affected Software1
osv
osv
added 2021/09/28 4:15 p.m.35 views

PYSEC-2021-351

ESPHome is a system to control the ESP8266/ESP32. Anyone with webserver enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which webserver allows over-the-air OTA updates without checking user defined basic auth username & password. This issue is...

7.5CVSS3.1AI score0.01175EPSS
Exploits0References4
nvd
nvd
added 2021/09/07 6:15 a.m.22 views

CVE-2021-28135

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service crash in ESP32 by flooding the target device with LMP Feature Response data...

6.5CVSS0.00854EPSS
Exploits0References4
prion
prion
added 2021/09/07 6:15 a.m.21 views

Memory corruption

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption and consequently a crash in ESP32 via a replaye...

3.3CVSS6.6AI score0.00872EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2021/09/07 5:52 a.m.32 views

CVE-2021-28136

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption and consequently a crash in ESP32 via a replaye...

6.8AI score0.00872EPSS
Exploits0References4
malwarebytes
malwarebytes
added 2021/09/02 4:24 p.m.70 views

BrakTooth Bluetooth vulnerabilities, crash all the devices!

Security researchers have revealed details about a set of 16 vulnerabilities that impact the Bluetooth software stack that ships with System-on-Chip SoC boards from several popular vendors. The same group of researchers disclosed the SweynTooth vulnerabilities in February 2020. They decided to du...

8.3CVSS9.2AI score0.0139EPSS
Exploits0
cnvd
cnvd
added 2021/07/15 12:0 a.m.37 views

Espressif esp32 has an unspecified vulnerability

Espressif ESP32 is a microcontroller from China Lexin Information Technology Espressif. espressif esp32 has a security vulnerability that allows an attacker to cause a denial of service and kernel crash via a misformatted beacon csa frame...

7.8CVSS3.6AI score0.01471EPSS
Exploits1References1
nvd
nvd
added 2021/07/14 7:15 p.m.15 views

CVE-2021-34173

An attacker can cause a Denial of Service and kernel panic in v4.2 and earlier versions of Espressif esp32 via a malformed beacon csa frame. The device requires a reboot to recover...

7.8CVSS0.01471EPSS
Exploits1References2
prion
prion
added 2021/07/14 7:15 p.m.18 views

Design/Logic Flaw

An attacker can cause a Denial of Service and kernel panic in v4.2 and earlier versions of Espressif esp32 via a malformed beacon csa frame. The device requires a reboot to recover...

7.8CVSS7.2AI score0.01471EPSS
Exploits1References2Affected Software1
cve
cve
added 2021/07/14 6:32 p.m.69 views

CVE-2021-34173

The CVE-2021-34173 entry affects Espressif ESP32 (v4.2 and earlier). The root cause is a malformed beacon CSA frame that can trigger a denial of service and kernel panic, requiring a reboot to recover. Public descriptions consistently state DoS/kernel panic without detailing patches or exploitati...

7.8CVSS7.2AI score0.01471EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
added 2020/09/14 12:0 a.m.5 views

PT-2020-14144 · Espressif · Esp32

Name of the Vulnerable Software and Affected Versions: Espressif ESP32 affected versions not specified Description: The issue concerns bypassing flash encryption by leveraging a design weakness in combination with EMFI. This allows for potential unauthorized access to encrypted data. There is no...

6.6AI score
Exploits0References8
nvd
nvd
added 2020/08/31 3:15 p.m.18 views

CVE-2020-13594

The Bluetooth Low Energy BLE controller implementation in Espressif ESP-IDF 4.2 and earlier for ESP32 devices does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service crash via a crafted packet...

6.5CVSS6.3AI score0.00756EPSS
Exploits0References3
nvd
nvd
added 2020/08/31 3:15 p.m.19 views

CVE-2020-13595

The Bluetooth Low Energy BLE controller implementation in Espressif ESP-IDF 4.0 through 4.2 for ESP32 devices returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can...

6.5CVSS6.4AI score0.0087EPSS
Exploits0References3
osv
osv
added 2020/08/31 3:15 p.m.16 views

CVE-2020-13594

The Bluetooth Low Energy BLE controller implementation in Espressif ESP-IDF 4.2 and earlier for ESP32 devices does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service crash via a crafted packet...

6.5CVSS6.7AI score
Exploits0References3
Rows per page
Query Builder