Known Vulnerabilities for Esp-idf by Espressif
Listed below are 10 of the newest known vulnerabilities associated with "Esp-idf" by "Espressif".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24893 json | ESP-IDF is the official development framework for Espressif SoCs. In Espressif’s Bluetooth Mesh SDK (`ESP-BLE-MESH`), a mem... | 8.8 - HIGH | 2022-06-25 | 2022-07-08 |
| CVE-2021-28139 json | The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon re... | 8.8 - HIGH | 2021-09-07 | 2021-09-09 |
| CVE-2021-28136 json | The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple ... | 6.5 - MEDIUM | 2021-09-07 | 2021-09-09 |
| CVE-2021-28135 json | The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuou... | 6.5 - MEDIUM | 2021-09-07 | 2022-07-12 |
| CVE-2020-16146 json | Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through ... | 7.5 - HIGH | 2021-01-12 | 2021-01-20 |
| CVE-2020-13595 json | The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the... | 6.5 - MEDIUM | 2020-08-31 | 2020-09-08 |
| CVE-2020-13594 json | The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not pr... | 6.5 - MEDIUM | 2020-08-31 | 2020-09-08 |
| CVE-2020-12638 json | An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, ... | 6.8 - MEDIUM | 2020-07-23 | 2021-07-21 |
| CVE-2019-15894 json | An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.6, 3.2.x through 3.2.3, and 3.3.x th... | 6.8 - MEDIUM | 2019-10-07 | 2020-08-24 |
| CVE-2019-12587 json | The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the ins... | 8.1 - HIGH | 2019-09-04 | 2020-08-24 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Espressif | Esp-idf | 4.2 | |||
| Application | Espressif | Esp-idf | 4.1 | |||
| Application | Espressif | Esp-idf | 4.0.2 | |||
| Application | Espressif | Esp-idf | 4.0.1 | |||
| Application | Espressif | Esp-idf | 4.0.0 | |||
| Application | Espressif | Esp-idf | 4.0 | |||
| Application | Espressif | Esp-idf | 3.3.4 | |||
| Application | Espressif | Esp-idf | 3.3.3 | |||
| Application | Espressif | Esp-idf | 3.3.2 | |||
| Application | Espressif | Esp-idf | 3.3.1 | |||
| Application | Espressif | Esp-idf | 3.3 | |||
| Application | Espressif | Esp-idf | 3.3 | |||
| Application | Espressif | Esp-idf | 3.3 | |||
| Application | Espressif | Esp-idf | 3.3 | |||
| Application | Espressif | Esp-idf | 3.3 | |||
| Application | Espressif | Esp-idf | 3.2.3 | |||
| Application | Espressif | Esp-idf | 3.2.2 | |||
| Application | Espressif | Esp-idf | 3.2.1 | |||
| Application | Espressif | Esp-idf | 3.2 | |||
| Application | Espressif | Esp-idf | 3.2 |