48 matches found
CVE-2025-68657 espressif/usb_host_hid Double-Free Race Condition in USB Host HID Device Close Path
Espressif ESP-IDF USB Host HID Human Interface Device Driver allows access to HID devices. Prior to 1.1.0, calls to hidhostdeviceclose can free the same usbtransfert twice. The USB event callback and user code share the hidifacet state without locking, so both can tear down a READY interface...
PT-2026-2284
Name of the Vulnerable Software and Affected Versions Espressif ESP-IDF versions prior to 1.1.0 Description The USB Host HID Human Interface Device Driver in ESP-IDF allows access to HID devices. A flaw exists in the usb class request get descriptor function where it frees and reallocates hid...
CVE-2018-18558
An issue was discovered in Espressif ESP-IDF 2.x and 3.x before 3.0.6 and 3.1.x before 3.1.1. Insufficient validation of input data in the 2nd stage bootloader allows a physically proximate attacker to bypass secure boot checks and execute arbitrary code, by crafting an application binary that...
CVE-2021-28139
The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon reception of an LMP Feature Response Extended packet, allowing attackers in radio range to trigger arbitrary code execution in ESP32 via a crafted Extended Features bitfield...
Espressif ESP-IDF 代码问题漏洞
Espressif ESP-IDF is an Internet of Things IoT development framework from China Loxin Espressif. A code issue vulnerability exists in Espressif ESP-IDF that stems from improper handling of invalid access addresses, which could lead to advertisement stops and false connection reports...
EUVD-2020-8112
Malware in sbrugna...
EUVD-2021-14838
Malware in sbrugna...
EUVD-2018-10278
Malware in sbrugna...
EUVD-2021-14835
Malware in sbrugna...
EUVD-2020-5841
Malware in sbrugna...
CVE-2020-13595
The Bluetooth Low Energy BLE controller implementation in Espressif ESP-IDF 4.0 through 4.2 for ESP32 devices returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can...
CVE-2020-16146
Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btcblufirecvhandler function in blufiprf.c. An attacker can send a crafted BluFi protocol Write Attribute command to...
CVE-2019-15894
An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.6, 3.2.x through 3.2.3, and 3.3.x through 3.3.1. An attacker who uses fault injection to physically disrupt the ESP32 CPU can bypass the Secure Boot digest verification at startup, and boot unverified code fr...
CVE-2024-53406
Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks...
CVE-2024-53406
Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks...
CVE-2024-51428
An issue in Espressif Esp idf v5.3.0 allows attackers to cause a Denial of Service DoS via a crafted data channel packet...
PT-2024-34631 · Espressif · Espressif Esp-Idf
Name of the Vulnerable Software and Affected Versions: Espressif Esp idf version 5.3.0 Description: The issue allows attackers to cause a Denial of Service DoS via a crafted data channel packet. This can be exploited by sending a specially crafted packet to the affected system. Recommendations: F...
CVE-2024-51428
An issue in Espressif Esp idf v5.3.0 allows attackers to cause a Denial of Service DoS via a crafted data channel packet...
CVE-2024-51428
CVE-2024-51428 affects Espressif ESP-IDF, specifically version 5.3.0 , where a vulnerability in the data channel handling can allow an unauthenticated attacker to cause a Denial of Service (DoS) by sending a crafted data channel packet. The available documents consistently describe DoS impact but...
The vulnerability of the Bluetooth Classic environment for developing IoT applications allows a attacker to execute arbitrary code.
The vulnerability of the Espressif esp-idf software is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...