Login Sign Up

CVE-2025-64342

N/A Unknown
Denial of Service

📋 TL;DR

This vulnerability in ESP-IDF allows attackers to disrupt Bluetooth Low Energy advertising on ESP32 devices by sending connection requests with invalid Access Addresses (0x00000000 or 0xFFFFFFFF). This causes the device to incorrectly report successful connections, potentially disrupting IoT device functionality. All ESP32 devices using vulnerable ESP-IDF versions in advertising mode are affected.

💻 Affected Systems

Products:
  • ESP32 devices using ESP-IDF framework
Versions: ESP-IDF versions before 5.5.2, 5.4.3, 5.3.5, 5.2.6, and 5.1.7
Operating Systems: ESP-IDF framework
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects devices in Bluetooth Low Energy advertising mode; other ESP32 functions remain unaffected.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Persistent denial of service where ESP32 devices cannot establish legitimate Bluetooth connections, disrupting IoT device functionality and availability.

🟠

Likely Case

Temporary disruption of Bluetooth advertising and connection capabilities, requiring device restart or reinitialization to restore functionality.

🟢

If Mitigated

Minimal impact with proper network segmentation and monitoring; devices automatically recover after attack stops.

🌐 Internet-Facing: MEDIUM - Requires proximity for Bluetooth attacks but IoT devices often deployed in accessible locations.
🏢 Internal Only: LOW - Bluetooth range limitations restrict attack surface to physical proximity.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires Bluetooth proximity and ability to send crafted connection requests; no authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: ESP-IDF 5.5.2, 5.4.3, 5.3.5, 5.2.6, or 5.1.7

Vendor Advisory: https://github.com/espressif/esp-idf/commits

Restart Required: Yes

Instructions:

1. Update ESP-IDF to patched version using git pull or downloading release. 2. Recompile your application with updated framework. 3. Flash updated firmware to ESP32 devices. 4. Restart devices to apply changes.

🔧 Temporary Workarounds

Disable BLE advertising when not needed

all

Configure application to only enable Bluetooth advertising when required for functionality

// In application code: esp_ble_gap_stop_advertising() when not needed

Implement connection validation

all

Add application-layer validation to confirm legitimate connections before processing

// Verify connection parameters before accepting in application logic

🧯 If You Can't Patch

  • Implement network segmentation to limit Bluetooth exposure to trusted devices only
  • Add monitoring for unexpected advertising stoppage and implement automatic restart procedures

🔍 How to Verify

Check if Vulnerable:

Check ESP-IDF version in project: 'git describe --tags' in ESP-IDF directory or examine sdkconfig.h for version macros

Check Version:

grep -r "IDF_VER" components/esp_common/include/esp_idf_version.h or check project configuration

Verify Fix Applied:

Verify ESP-IDF version is 5.5.2, 5.4.3, 5.3.5, 5.2.6, or 5.1.7; test BLE advertising with invalid AA packets to confirm resilience

📡 Detection & Monitoring

Log Indicators:

  • Unexpected advertising stoppage logs
  • Connection events with invalid parameters
  • ESP32 BLE stack error messages

Network Indicators:

  • Bluetooth connection attempts with AA 0x00000000 or 0xFFFFFFFF
  • Unusual BLE traffic patterns near devices

SIEM Query:

NOT_AVAILABLE - Requires Bluetooth-specific monitoring tools

📊 Metadata

CVE ID: CVE-2025-64342
CVSS v3 Score: N/A (Unknown)
CWE: CWE-754
EPSS Score: 0.08% exploit probability (22.6th percentile)
Published: November 17, 2025
Last Updated: November 18, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-64342, you might also want to check these:

CVE-2026-24054 10.0

A vulnerability in Kata Containers allows malformed container images with no layers to cause the hos...

Same vulnerability type (CWE-754)
CVE-2021-0211 10.0

This vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows attackers to send specia...

Same vulnerability type (CWE-754)
CVE-2024-3729 9.8

This vulnerability in the Frontend Admin WordPress plugin allows unauthenticated attackers to manipu...

Same vulnerability type (CWE-754)