Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btc_blufi_recv_handler function in blufi_prf.c. An attacker can send a crafted BluFi protocol Write Attribute command to characteristic 0xFF01. With manipulated packet fields, there is a buffer overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Espressif ESP-IDF 缓冲区错误漏洞
Vulnerability Description
Espressif ESP-IDF是中国乐鑫信息科技(Espressif)公司的一款物联网开发框架。 Espressif ESP-IDF 存在缓冲区错误漏洞,攻击者可利用该漏洞使应用崩溃。以下产品及版本受到影响:Espressif ESP-IDF 2.x,3.0.x至3.0.9、Espressif ESP-IDF 3.1.x至3.1.7、Espressif ESP-IDF 3.2.x至3.2.3、3.3.x至3.3.2、Espressif ESP-IDF 4.0.x至4.0.1。
CVSS Information
N/A
Vulnerability Type
N/A