216.73.217.64

CVE-2025-52471

· Published 24/06/2025 20:15 · Modified 24/06/2025 20:15

Labels: CVE-2025-52471 2025-06-24CVE-2025-52471CWE-191[email protected]

Essential information

Published
24/06/2025 20:15
Modified
24/06/2025 20:15
Author
Creator
CVSS
7.2 HIGH (v3) 7.2 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficient validation of user-supplied data length in the packet receive function. Under certain conditions, this may lead to out-of-bounds memory access and may allow arbitrary memory write operations. On systems without a memory protection scheme, this behavior could potentially be used to achieve remote code execution (RCE) on the target device. In versions 5.4.2, 5.3.4, 5.2.6, and 5.1.6, ESP-NOW has added more comprehensive validation logic on user-supplied data length during packet reception to prevent integer underflow caused by negative value calculations. For ESP-IDF v5.3 and earlier, a workaround can be applied by validating that the `data_len` parameter received in the RX callback (registered via `esp_now_register_recv_cb()`) is a positive value before further processing. For ESP-IDF v5.4 and later, no application-level workaround is available. Users are advised to upgrade to a patched version of ESP-IDF to take advantage of the built-in mitigation.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
espressif / esp idf cpe:2.3:a:espressif:esp_idf:5.4.1:*:*:*:*:*:*:*
espressif / esp idf cpe:2.3:a:espressif:esp_idf:5.3.3:*:*:*:*:*:*:*
espressif / esp idf cpe:2.3:a:espressif:esp_idf:5.2.5:*:*:*:*:*:*:*
espressif / esp idf cpe:2.3:a:espressif:esp_idf:5.1.6:*:*:*:*:*:*:*

References