← Back

CVE-2025-27840

nvd nist
Published: Mar 8, 2025Modified: Mar 12, 2025

JSON object

Loading...
6.8
Vector
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Exploitability: 0.5 / Impact: 5.8
Source: NVD

Description

Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).

Affected (1)

Espressif
1 product
Esp32 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Esp32 Firmware
All versions
Running on/withPlatform Versions
Espressif
Esp32
All versions

Related CWEs

CWE-912
Hidden Functionality
The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

References (15)

Source: cve@mitre.org
Technical DescriptionThird Party Advisory
Source: cve@mitre.org
ExploitTechnical DescriptionThird Party Advisory
Source: cve@mitre.org
Technical DescriptionThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Product
Source: cve@mitre.org
Issue Tracking
Source: cve@mitre.org
Issue Tracking
Source: cve@mitre.org
Issue Tracking
Source: cve@mitre.org
Issue Tracking
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
ExploitPress/Media Coverage
Source: cve@mitre.org
ExploitPress/Media Coverage
Source: cve@mitre.org
Press/Media Coverage
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory

Timeline

No history available yet.