Below is a comprehensive list of known security issues affecting Espressif’s ESP32 SoC, organized by category. Each vulnerability entry includes its title or CVE, a brief description, source references, patch status, and severity (CVSS score or qualitative rating if available). Recent findings are prioritized, but historical issues are included for completeness.
The first-stage bootloader on ESP32 (mask ROM 2016-06-08 v0–v2) lacked anti-glitch protection. An attacker with physical access could inject a power glitch right after reset to read out protected eFuses (e.g., flash encryption and secure boot keys).
Patch Status: Unpatched in old silicon – fixed in later hardware (ESP32 ECO3/V3 and newer) which added glitch countermeasures.
Severity: Medium (CVSS 3.1 Base 4.6).
In ESP-IDF v2.x and v3.x (ESP32 rev0/1), a fault-injection attack on the CPU can bypass Secure Boot’s digest verification and allow booting of unverified code. If flash encryption is disabled, this yields arbitrary code execution; with flash encryption enabled, impact is limited (flash remains encrypted).
Patch Status: Mitigated – Espressif recommends permanently enabling flash encryption (via eFuse) to protect devices.
Severity: Medium (CVSS 3.1 Base 6.8).
A combined fault-injection (glitch) technique was demonstrated on ESP32 rev0 and rev1 to bypass Secure Boot V1+Flash Encryption (when UART bootloader is enabled). By carefully timing a voltage glitch, researchers achieved arbitrary code execution and even extracted plaintext flash data.
Patch Status: Partially Patched – Only applicable to older silicon (rev0, rev1); ESP32 ECO3 (V3) introduced Secure Boot V2 and an option to disable the UART bootloader, preventing this attack.
Severity: Not scored (CVE not in NVD; similar issues rated Medium).
Another fault-injection issue (disclosed alongside CVE-2020-13629) affecting ESP32 rev0/1 could disrupt flash operation and bypass security. It has similar impact to CVE-2019-15894/17391.
Patch Status: Mitigated in new hardware – Not applicable to ESP32 ECO3 or later, which added hardware countermeasures.
Severity: Espressif classified as “problematic” (likely Medium; exact CVSS not publicly available).
A Time-of-Check to Time-of-Use (TOCTOU) flaw in ESP-IDF’s bootloader could let an attacker with flash access bypass firmware anti-rollback protection. By modifying flash contents between the bootloader’s version check and application load, a downgrade to older (vulnerable) firmware becomes possible.
Patch Status: Patched – Fixed in ESP-IDF v4.4.7, v5.0.7, v5.1.4, v5.2.1 by adding additional version checks during boot.
Severity: Moderate (GitHub advisory rating).
Researchers showed that on ESP32 ECO3 (rev3.0/3.1), a well-timed electromagnetic fault injection (EMFI) can divert execution to the ROM’s UART bootloader mode despite Secure Boot V2 and Flash Encryption being enabled. This allows loading of arbitrary code or reading decrypted flash content in a lab setting.
Patch Status: No immediate fix – This semi-invasive hardware attack is difficult but possible. Espressif’s advisory provides mitigations (unique per-device keys, etc.) since no firmware patch can fully resolve it.
Severity: Not scored (requires specialized equipment; considered low risk for mass exploitation).
(No CVE assigned) Security researchers at Ledger Donjon discovered that ESP32 ECO3’s hardware AES-256 engine is susceptible to side-channel power analysis. By collecting tens of thousands of power traces and using Differential Power Analysis (DPA), an attacker could recover long-term AES keys and the flash encryption key stored in eFuse.
Patch Status: Unpatched in hardware – This is a physical side-channel flaw. Espressif suggests using unique per-device flash encryption keys (to limit attack value).
Severity: High risk if attacker has physical access and expertise (no CVSS; real threat in targeted scenarios).
A Bluetooth Classic vulnerability in ESP-IDF ≤4.4 allows attackers within radio range to send a crafted LMP “Extended Features” response that triggers a buffer overflow and arbitrary code execution on the ESP32. This is part of the BrakTooth family of Bluetooth bugs.
Patch Status: Patched – Fixed in ESP-IDF (see esp-idf commit in Sept 2021 addressing multiple BrakTooth issues). Users should update to IDF v4.4.1 or later.
Severity: High (CVSS 3.1 Base 8.8).
Another Bluetooth Classic flaw in ESP-IDF ≤4.4 where sending repeated LMP I/O Capability requests during pairing causes a memory corruption and device crash (denial of service). This is a BrakTooth-induced DoS.
Patch Status: Patched – Addressed alongside other BrakTooth fixes in ESP-IDF updates.
Severity: Medium (CVSS 3.1 Base 6.5 – crash only).
Part of BrakTooth, this relates to an improperly handled LMP Feature response causing a reboot, similar to 28139/28136.
Patch Status: Patched in updated ESP-IDF.
Severity: Medium (DoS).
ESP32’s Bluetooth Low Energy stack (ESP-IDF ≤4.2) was affected by SweynTooth, a family of BLE security flaws. For instance, CVE-2020-13594 allowed an attacker to send an invalid channel map causing a crash or deadlock in the ESP32’s BLE controller; CVE-2020-13595 involved a crafted packet causing buffer mismanagement.
Patch Status: Patched – Fixes were released (ESP-IDF v4.3+).
Severity: Medium – mostly DoS (exact CVSS varies; e.g., CVSS 6.5 for crashes).
A vulnerability in Bluetooth Classic/LE pairing (affecting devices supporting dual-mode) could allow an attacker to overwrite or downgrade keys, leading to a man-in-the-middle (MITM) on secure connections. Espressif devices using legacy pairing were susceptible.
Patch Status: Patched – Espressif applied Bluetooth SIG’s recommended fixes (7-byte encryption key minimum, plus firmware updates to prevent key overwrite).
Severity: High – enables MITM and key cracking.
“Bluetooth Forward and Future Secrecy” (BLUFFS) is a set of attacks disclosed in 2023. It exploits a combination of flaws: BIAS (Bluetooth Impersonation Attack) to downgrade Secure Connections to Legacy, and the old KNOB weakness (CVE-2019-9506) to reduce key entropy, allowing easier brute-force decryption.
Patch Status: Mitigations Implemented – Espressif’s Bluetooth stack added fixes: enforcing 7-byte min key length (fixing KNOB) and re-authentication to prevent BIAS. Use ESP-IDF v4.4+.
Severity: High – affects Bluetooth’s fundamental security (industry-wide issue).
A memory corruption in Espressif’s BLE Mesh SDK (ESP-BLE-MESH) could be triggered during device provisioning due to missing length checks on a field (SegN). An attacker in BLE range could exploit this to corrupt memory and potentially gain control of the device.
Patch Status: Patched – Fixes were committed to ESP-IDF v4.1 through v4.4 branches; users of ESP-BLE-MESH should upgrade.
Severity: High (CVSS 3.1 Base 8.8).
Discovered by Lukas Bachschwell, this flaw in ESP32/ESP8266 Wi-Fi (ESP-IDF ≤4.2) allows an attacker to send forged beacon frames, tricking the device into reverting to open (unencrypted) mode.
Patch Status: Patched – Fixed in ESP-IDF v3.1.8, v3.2.4, v3.3.3, v4.0.2, v4.1, v4.2 and later.
Severity: Medium (CVSS 3.1 Base 6.8).
Part of the “FragAttacks” disclosed in 2021, this vulnerability in ESP32’s Wi-Fi stack allows an attacker in a man-in-the-middle position to inject malicious data by spoofing one fragment of an aggregated frame. Transport-layer encryption (TLS/HTTPS) generally prevents deeper compromise.
Patch Status: Patched – Updates in ESP-IDF (fixed in v4.3.7, v4.4.7, v5.x branches).
Severity: Medium (potential code injection in unencrypted traffic).
A vulnerability in the implementation of PEAP (Protected EAP) in wpa_supplicant (through v2.10, used by ESP-IDF) allows an attacker to skip Phase 2 authentication if the device isn’t validating the server’s TLS certificate. By sending an EAP Success after Phase 1, the client believes it’s fully authenticated without inner auth.
Patch Status: Patched – Addressed by updates to wpa_supplicant/ESP-IDF (Espressif Advisory AR2024-003).
Severity: Medium (CVSS 3.1 Base 6.5).
Researchers found that ESP-NOW had insufficient anti-replay protection. By capturing and replaying packets, an attacker can impersonate commands even if traffic is encrypted (due to predictable nonces). Real-world implications include replaying “unlock” or “disable alarm” commands in IoT systems using ESP-NOW.
Patch Status: Patched – Fixes merged in the ESP-NOW repository (improved random nonces, replay cache).
Severity: Medium – design flaw requiring firmware update.
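A replay cache of the kind the fix describes, as an added example (not the ESP-NOW repository’s code): per-peer state tracking the highest counter accepted plus a 64-entry bitmap of recently seen counters, the same sliding-window scheme IPsec uses. The packet layout (an 8-byte little-endian counter prefixed to the payload) and peer-state handling are assumptions for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define REPLAY_WINDOW 64u

typedef struct {
    uint64_t highest;      /* largest counter accepted so far */
    uint64_t seen_bitmap;  /* bit i set => counter (highest - i) already accepted */
    bool initialised;
} replay_state_t;

/* Returns true if the counter is fresh and records it; false for a replay or a
 * counter too old to track. Call only after the packet's authentication tag has
 * been verified, so an attacker cannot advance the window with forged counters. */
bool replay_check_and_update(replay_state_t *st, uint64_t counter) {
    if (!st->initialised) {
        st->highest = counter;
        st->seen_bitmap = 1u;
        st->initialised = true;
        return true;
    }
    if (counter > st->highest) {
        uint64_t shift = counter - st->highest;
        /* shifting by >= 64 is undefined in C, so clear the window instead */
        st->seen_bitmap = (shift >= REPLAY_WINDOW) ? 0 : (st->seen_bitmap << shift);
        st->seen_bitmap |= 1u;
        st->highest = counter;
        return true;
    }
    uint64_t age = st->highest - counter;
    if (age >= REPLAY_WINDOW) return false;      /* too old: treat as replay */
    uint64_t bit = (uint64_t)1 << age;
    if (st->seen_bitmap & bit) return false;     /* already seen: replay */
    st->seen_bitmap |= bit;
    return true;
}

/* Assumed packet format: 8-byte little-endian counter, then payload. */
bool accept_packet(replay_state_t *st, const uint8_t *pkt, size_t len) {
    if (len < 8) return false;
    uint64_t counter = 0;
    for (int i = 7; i >= 0; i--) counter = (counter << 8) | pkt[i];
    return replay_check_and_update(st, counter);
}

/* Constructed stream: counters 1,2,3,2,5,4,1,3 from one peer; the three
 * repeats must be rejected. Returns how many packets were accepted. */
int demo_replay_stream(void) {
    static const uint64_t counters[] = {1, 2, 3, 2, 5, 4, 1, 3};
    replay_state_t st = {0};
    int accepted = 0;
    for (size_t i = 0; i < sizeof counters / sizeof counters[0]; i++) {
        uint8_t pkt[9] = {0};
        for (int b = 0; b < 8; b++) pkt[b] = (uint8_t)(counters[i] >> (8 * b));
        if (accept_packet(&st, pkt, sizeof pkt)) accepted++;
    }
    return accepted;
}
```

Out-of-order but unseen counters (4 after 5) are still accepted, so a lossy radio link does not turn into a denial of service.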
Two vulnerabilities in the lightweight IP (lwIP) TCP/IP stack (used in ESP-IDF) could lead to buffer overflows. These could be triggered by certain network packets, potentially causing crashes or remote code execution in ESP32 networking.
Patch Status: Patched – Fixed in ESP-IDF v4.4.1 and later.
Severity: High (memory corruption via network packets).
Part of Microsoft’s BadAlloc disclosure, these refer to vulnerabilities in heap memory allocation. Espressif confirmed ESP-IDF was affected. An attacker could exploit these via malformed inputs causing heap overflows.
Patch Status: Patched – Refer to Espressif advisory AR2021-005; fixes in ESP-IDF provided.
Severity: Critical/High (part of a set of heap vulnerabilities affecting IoT SDKs).
A FreeRTOS issue allowing a task to gain elevated privileges (in ARMv7-M/ARMv8-M MPU ports). Impact on ESP32: Not applicable, as ESP-IDF’s FreeRTOS runs on Xtensa or RISC-V without that MPU port. Listed for completeness.
Patch Status: ESP32 not affected – no action required.
Severity: N/A for ESP32 (applies to ARM-specific port).
A vulnerability in Newlib’s RISC-V syscall implementation for gettimeofday could lead to an overflow. Impact on ESP32: None (ESP-IDF does not use Newlib’s syscalls for RISC-V). Listed for completeness.
Patch Status: No action needed – ESP32 not impacted.
Severity: N/A for ESP32.