Lucene search
K

25 matches found

EUVD
EUVD
added 2025/12/10 9:31 p.m.7 views

EUVD-2025-202625

As UART download mode is still enabled on the ESP32 chip on which the firmware runs, an adversary can dump the flash from the device and retrieve sensitive information such as details about the current and previous Wi-Fi network from the NVS partition. Additionally, this allows the adversary to...

6.1AI score0.0031EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/17 5:21 p.m.6 views

CVE-2025-64342 ESF-IDF's ESP32 Bluetooth Controller Has an Invalid Access Address Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

6.9CVSS0.00348EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7795

Malware in sbrugna...

4.6CVSS5AI score0.00245EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-20835

Malware in sbrugna...

7.8CVSS7.6AI score0.01471EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-7816

Malicious code in bioql PyPI...

6.8CVSS9.3AI score0.01258EPSS
Exploits1References15
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-39813

Malicious code in bioql PyPI...

6.8CVSS6.7AI score0.00198EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:35 p.m.7 views

CVE-2021-34173

An attacker can cause a Denial of Service and kernel panic in v4.2 and earlier versions of Espressif esp32 via a malformed beacon csa frame. The device requires a reboot to recover...

7.8CVSS6.6AI score0.01471EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/10 12:31 a.m.14 views

CVE-2025-27840

Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 Write memory...

6.8CVSS7.2AI score0.01258EPSS
Exploits1References1
NVD
NVD
added 2025/03/08 8:15 p.m.14 views

CVE-2025-27840

Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 Write memory...

6.8CVSS0.01258EPSS
Exploits1References15
Vulnrichment
Vulnrichment
added 2025/03/08 12:0 a.m.8 views

CVE-2025-27840

Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 Write memory...

6.8CVSS6.7AI score0.01258EPSS
Exploits1References15
CNNVD
CNNVD
added 2025/03/08 12:0 a.m.5 views

Espressif ESP32 安全漏洞

Espressif ESP32 is a microcontroller from China Loxin Espressif. A security vulnerability exists in the Espressif ESP32 that stems from hidden HCI commands that may result in memory writes...

6.8CVSS9.3AI score0.01258EPSS
Exploits1References8
Cvelist
Cvelist
added 2025/03/08 12:0 a.m.17 views

CVE-2025-27840

Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 Write memory...

6.8CVSS0.01258EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2025/03/08 12:0 a.m.5 views

PT-2025-10465

Name of the Vulnerable Software and Affected Versions Espressif ESP32 affected versions not specified Description The Espressif ESP32 chip contains 29 hidden HCI commands, such as 0xFC02 Write memory, which can be used for cyberattacks. These commands can be exploited to impersonate trusted...

6.8CVSS9.2AI score0.01258EPSS
Exploits1References130
CVE
CVE
added 2025/03/08 12:0 a.m.205 views

CVE-2025-27840

CVE-2025-27840 concerns Espressif ESP32 family chips. The public materials describe 29 hidden HCI/debug commands (notably 0xFC02: Write memory) that are undocumented and could enable memory writes in affected devices. Espressif explicitly states these are internal debug commands not remotely acce...

6.8CVSS7.2AI score0.01258EPSS
Exploits1References15Affected Software1
NVD
NVD
added 2023/07/17 4:15 p.m.22 views

CVE-2023-35818

An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...

6.8CVSS0.00198EPSS
Exploits0References2
OSV
OSV
added 2023/07/17 4:15 p.m.5 views

CVE-2023-35818

An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...

6.8CVSS5.8AI score0.00198EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/07/17 12:0 a.m.11 views

CVE-2023-35818

An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...

7.1AI score0.00198EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/17 12:0 a.m.22 views

CVE-2023-35818

An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...

6.9AI score0.00198EPSS
Exploits0References2
CVE
CVE
added 2023/07/17 12:0 a.m.52 views

CVE-2023-35818

The CVE-2023-35818 issue affects Espressif ESP32 3.0 (ESP32_rev300 ROM). An EMFI attack on ECO3 allows an attacker to influence the program counter at CPU context level, independent of Secure Boot and Flash Encryption. This enables access to ROM download mode, potentially allowing reading of encr...

6.8CVSS6.6AI score0.00198EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2021/07/15 12:0 a.m.17 views

Espressif esp32 has an unspecified vulnerability

Espressif ESP32 is a microcontroller from China Lexin Information Technology Espressif. espressif esp32 has a security vulnerability that allows an attacker to cause a denial of service and kernel crash via a misformatted beacon csa frame...

7.8CVSS3.6AI score0.01471EPSS
Exploits1References1
Rows per page
Query Builder