Vulnerabilities (CVE)

Vendor filter

Espressif Subscribe

Filter

4 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-15894 1 Espressif 1 Esp-idf 2019-10-15 7.2
An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.6, 3.2.x through 3.2.3, and 3.3.x through 3.3.1. An attacker who uses fault injection to physically disrupt the ESP32 CPU can bypass the Secure Boot digest...
CVE-2019-12588 1 Espressif 1 Arduino Esp8266 2019-09-09 3.3
The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which allows attackers in radio...
CVE-2019-12587 1 Espressif 1 Esp-idf 2019-09-06 4.8
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows...
CVE-2019-12586 1 Espressif 2 Arduino-esp32, Esp-idf 2019-09-05 3.3
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of...