← Back

CVE-2024-33453

nvd nist
Published: Oct 17, 2024Modified: Dec 31, 2025

JSON object

Loading...
8.1
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Exploitability: 2.8 / Impact: 5.2
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to obtain sensitive information via the externalId component.

Affected (1)

Products: Espressif: Esp Idf
Espressif
1 product
Esp Idf
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Esp Idf
Version 5.1

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (1)

Source: cve@mitre.org
MitigationThird Party Advisory

Timeline

No history available yet.