📦 Esp Idf
by Espressif
🔍 What is Esp Idf?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability in ESP-IDF Bluetooth stack allows an attacker to trigger an out-of-bounds read by sending a malformed VENDOR DEPENDENT command when AVRCP is enabled on ESP32 devices. This could exp...
This vulnerability is an out-of-bounds write in the ESP-IDF Bluetooth host stack that occurs when more than 32 services are discovered during Bluetooth SDP. It affects IoT devices using vulnerable ESP...
This CVE describes a buffer overflow vulnerability in the ESP-IDF BlueDroid AVRCP stack. An attacker could send specially crafted Bluetooth AVRCP commands to cause out-of-bounds memory writes, potenti...
CVE-2024-53406 is an authentication bypass vulnerability in Espressif ESP-IDF v5.3.0 where the device reuses session keys during reconnection, allowing attackers to bypass authentication mechanisms. T...
This vulnerability in Espressif's ESP-IDF framework allows attackers to send specially crafted data channel packets that cause a denial of service condition. It affects devices running ESP-IDF version...
A memory corruption vulnerability in ESP-IDF's Bluetooth Mesh SDK allows attackers to trigger memory corruption during device provisioning by manipulating the SegN field in Transaction Start PDUs. Thi...
CVE-2020-16146 is a buffer overflow vulnerability in Espressif ESP-IDF's BluFi provisioning component. Attackers can exploit this by sending crafted Write Attribute commands to characteristic 0xFF01, ...
A use-after-free vulnerability in the ESP-IDF BLE provisioning transport layer allows remote attackers to trigger invalid memory access via Bluetooth Low Energy connections. This affects IoT devices u...
This vulnerability allows a remote Bluetooth Low Energy (BLE) client to trigger an out-of-bounds read and potential memory corruption in ESP-IDF devices during provisioning mode. By sending specially ...
This vulnerability in ESP-IDF's WPS Enrollee implementation allows integer underflow when processing malformed EAP-WSC packets with truncated payloads. An attacker can cause memory corruption by sendi...