Espressif: >> Esp-Idf >> 5.3 Security Vulnerabilities
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-08-21
Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-03-13
An issue in Espressif Esp idf v5.3.0 allows attackers to cause a Denial of Service (DoS) via a crafted data channel packet.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-11-07