Vulnerabilities (CVE)

Filtered by vendor Espressif Subscribe
Filtered by product Esp32
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41104 2 Esphome, Espressif 3 Esphome Firmware, Esp32, Esp8266 2024-11-21 4.3 MEDIUM 7.5 HIGH
ESPHome is a system to control the ESP8266/ESP32. Anyone with web_server enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which `web_server` allows over-the-air (OTA) updates without checking user defined basic auth username & password. This issue is patched in version 2021.9.2. As a workaround, one may disable or remove `web_server`.
CVE-2021-34173 1 Espressif 2 Esp32, Esp32 Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
An attacker can cause a Denial of Service and kernel panic in v4.2 and earlier versions of Espressif esp32 via a malformed beacon csa frame. The device requires a reboot to recover.
CVE-2021-28139 1 Espressif 2 Esp-idf, Esp32 2024-11-21 8.3 HIGH 8.8 HIGH
The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon reception of an LMP Feature Response Extended packet, allowing attackers in radio range to trigger arbitrary code execution in ESP32 via a crafted Extended Features bitfield payload.
CVE-2021-28136 1 Espressif 2 Esp-idf, Esp32 2024-11-21 3.3 LOW 6.5 MEDIUM
The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption (and consequently a crash) in ESP32 via a replayed (duplicated) LMP packet.
CVE-2020-13595 1 Espressif 2 Esp-idf, Esp32 2024-11-21 3.3 LOW 6.5 MEDIUM
The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can silently trigger the assertion (which disables the target's BLE stack) by sending a crafted sequence of BLE packets.
CVE-2020-13594 1 Espressif 2 Esp-idf, Esp32 2024-11-21 3.3 LOW 6.5 MEDIUM
The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.