CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-53406

Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.1%

CVSS Severity

CVSS v3 Score 8.8

References

https://github.com/espressif/esp-idf
https://github.com/yangting111/BLE_TEST/blob/main/result/PoC/Esp/sk_reuse.md

Products affected by CVE-2024-53406

Espressif » Esp-Idf » Version: 5.3.0

cpe:2.3:a:espressif:esp-idf:5.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-53406

Products

Pricing

Contact Us