CPE-5664E196-3A86-4B24-A8BC-694A79B9F473 Detail

CPE Details

Espressif ESP32

Vendor

espressif

Product

esp32

Version

Created

2020-09-01
15h58 +00:00

Modified

2020-09-01
15h58 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:h:espressif:esp32:-:::::::*

Informations

Vendor

espressif

Product

esp32

Version

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2025-27840	2025-03-08 00h00 +00:00	Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).	6.8	Medium
CVE-2021-41104	2021-09-28 13h15 +00:00	ESPHome is a system to control the ESP8266/ESP32. Anyone with web_server enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which `web_server` allows over-the-air (OTA) updates without checking user defined basic auth username & password. This issue is patched in version 2021.9.2. As a workaround, one may disable or remove `web_server`.	7.5	High
CVE-2021-28139	2021-09-07 04h27 +00:00	The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon reception of an LMP Feature Response Extended packet, allowing attackers in radio range to trigger arbitrary code execution in ESP32 via a crafted Extended Features bitfield payload.	8.8	High
CVE-2021-28136	2021-09-07 03h52 +00:00	The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption (and consequently a crash) in ESP32 via a replayed (duplicated) LMP packet.	6.5	Medium
CVE-2021-34173	2021-07-14 16h32 +00:00	An attacker can cause a Denial of Service and kernel panic in v4.2 and earlier versions of Espressif esp32 via a malformed beacon csa frame. The device requires a reboot to recover.	7.5	High
CVE-2020-13595	2020-08-31 12h59 +00:00	The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can silently trigger the assertion (which disables the target's BLE stack) by sending a crafted sequence of BLE packets.	6.5	Medium
CVE-2020-13594	2020-08-31 12h58 +00:00	The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.	6.5	Medium

Espressif ESP32

CPE Details

CPE Name: cpe:2.3:h:espressif:esp32:-:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:h:espressif:esp32:-:::::::*