CVE-2025-27840

Medienbericht

Exploit

EPSS 0.31%
Veröffentlicht 08.03.2025 20:15:36
Zuletzt bearbeitet 12.03.2025 14:58:54
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 18

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Espressif ≫ Esp32 Firmware Version-

Espressif ≫ Esp32 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.31%	0.537

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	0.5	5.8	CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
cve@mitre.org	6.8	0.3	6	CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

CWE-912 Hidden Functionality

The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

https://github.com/TarlogicSecurity/Talks/blob/main/2025_RootedCon_BluetoothTools.pdf

Third Party Advisory

https://x.com/pascal_gujer/status/1898442439704158276

Third Party Advisory

https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/

Third Party Advisory

https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/

Exploit

Press/Media Coverage

https://reg.rootedcon.com/cfp/schedule/talk/5

Third Party Advisory

https://flyingpenguin.com/?p=67838

Third Party Advisory

Technical Description

https://github.com/em0gi/CVE-2025-27840

Product

https://github.com/orgs/espruino/discussions/7699

Issue Tracking

https://www.bleepingcomputer.com/news/security/undocumented-commands-found-in-bluetooth-chip-used-by-a-billion-devices/

Exploit

Press/Media Coverage

https://cheriot.org/auditing/backdoor/2025/03/09/no-esp32-style-backdoor.html

Third Party Advisory

Technical Description

https://darkmentor.com/blog/esp32_non-backdoor/

Third Party Advisory

Exploit

Technical Description

https://github.com/esphome/esphome/discussions/8382

Issue Tracking

https://news.ycombinator.com/item?id=43301369

Issue Tracking

https://news.ycombinator.com/item?id=43308740

Issue Tracking

https://www.espressif.com/en/news/Response_ESP32_Bluetooth

Press/Media Coverage

https://nvd.nist.gov/vuln/detail/CVE-2025-27840

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-27840

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-27840

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-27840