esp

ESP

Espressif Systems, a company with headquarters in Shanghai, China made its debut in the microcontroller scene with their range of inexpensive and feature-packed WiFi microcontrollers such as ESP8266.

• ESP8266 : WIFI
• ESP32 Xtensa variants
  • ESP32, ESP32-S2, ESP32-S3 SoCs
  • low-cost, low-power system on a chip microcontrollers with integrated Wi-Fi and dual-mode Bluetooth
• ESP32 RISC-V variants
  • ESP32C2, ESP32C3, ESP32C6, ESP32H2 SoCs
  • low-cost, low-power system on a chip microcontrollers with integrated Wi-Fi and dual-mode Bluetooth

ESP-IDF

ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS.

CVE	Detail	Version	Patch	POC	Type
2018-18558	Secure Boot	2.x 3.0.0-6 3.1.0-1	Verify image overlap		CWE-20
2019-12586	esp-eap-crash	2-4	fix WiFi WPA2 Enterprise Vul	esp_attacks
2019-12587	zero-pmk-installation	2-4	fix WiFi WPA2 Enterprise Vul	esp_attacks	CWE-327
2019-15894	Secure Boot	2.x, 3.0.0-9, 3.1.0-6, 3.2.0-3, 3.3.0-1			CWE-755
2019-17391	eFuse Protection	hardware ESP32-D0WD, ESP32-D2WD, ESP32-S0WD, ESP32-PICO-D4			CWE-755
2020-12638	WPA2 Auth Mode Downgrade	< 4.2	remove auth_changed event and fix wpa2 authmode threshold		CWE-319 CWE-287
2020-13594	Invalid Channel Map Crash/Deadlock	<4.2	Fix ble disconnect due to channel map too small		CWE-20
2020-13595	HCI Desync Deadlock	4.0-2	Fix hci packet count reported in NOCP HCI event at the time of disconnection		CWE-617
2020-16146	Blufi overflow	2.x, 3.0.0-9, 3.1.0-7, 3.2.0-3, 3.3.0-2,4.0.0-1			CWE-120
2021-28135	braktooth	<4.4		braktooth
2021-28136	braktooth	<4.4		braktooth	CWE-787
2021-28139	braktooth	<4.4		braktooth
2021-33028	Owfuzz	<4.2
2021-34173	Owfuzz 4.2 case 1	<4.2
2022-24893	Bluetooth Mesh Stack Vul	<4.1.4,<4.2.4,<4.3.3,<4.4.2	oversized SegN as valid		CWE-787 CWE-788
2023-35818	Bypassing Secure Boot and Flash Encryption Using EMFI	ESP32_rev300			hardware
2024-28183	Bootloader TOCTOU Vulnerability in Anti-rollback Scheme	<4.4.7, <5.2.1	additional checks for secure version in anti-rollback case & check the secure version only for app image		CWE-367

ESP_NONOS_SDK

ESP8266 nonOS SDK

CVE	Detail	Version	Patch	POC	Type
2019-12586	esp32/8266 EAP crash	2.2.0-3.1.0	fix WiFi WPA2 Enterprise Vul	esp attacks
2019-12587	Zero PMK Install	2.2.0-3.1.0	fix WiFi WPA2 Enterprise Vul	esp attacks	CWE-327
2019-12588	ESP8266 Beacon Frame Crash	2.2.0-3.1.0	fix net80211 bugs	esp attacks	CWE-20
2020-12638	WPA2 Auth Mode Downgrade	< 3.0.3	remove auth_changed event and fix wpa2 authmode threshold		CWE-319 CWE-287

ESP8266_RTOS_SDK

Latest ESP8266 SDK based on FreeRTOS, esp-idf style.

CVE	Detail	Version	Patch	POC	Type
2020-12638	WPA2 Auth Mode Downgrade	<3.3	remove auth_changed event and fix wpa2 authmode threshold		CWE-319 CWE-287

Arduino-ESP

CVE	Detail	Version	Patch	POC	Type
2019-12586	esp32/8266 EAP crash	< 1.0.3 RC3	github commit	github
2019-12587	esp32/8266 EAP crash	< 1.0.3 RC3	github commit	github	CWE-327
2019-12588	ESP8266 Beacon Frame Crash	2.2.0-3.1.0	Update	esp attacks	CWE-20