Known Vulnerabilities for Esp32 by Espressif
Listed below are 6 of the newest known vulnerabilities associated with "Esp32" by "Espressif".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
More device details and information can be found at device.report here: Espressif Esp32
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-41104 | ESPHome is a system to control the ESP8266/ESP32. Anyone with web_server enabled and HTTP basic auth configured on version 20... | 7.5 - HIGH | 2021-09-28 | 2021-10-07 |
| CVE-2021-34173 | An attacker can cause a Denial of Service and kernel panic in v4.2 and earlier versions of Espressif esp32 via a malformed be... | 7.5 - HIGH | 2021-07-14 | 2021-07-27 |
| CVE-2021-28139 | The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon re... | 8.8 - HIGH | 2021-09-07 | 2021-09-09 |
| CVE-2021-28136 | The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple ... | 6.5 - MEDIUM | 2021-09-07 | 2021-09-09 |
| CVE-2020-13595 | The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the... | 6.5 - MEDIUM | 2020-08-31 | 2020-09-08 |
| CVE-2020-13594 | The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not pr... | 6.5 - MEDIUM | 2020-08-31 | 2020-09-08 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Espressif | Esp32 | - | All | All | All |