mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
132 lines
5.1 KiB
JSON
132 lines
5.1 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2025-27840",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory)."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://github.com/TarlogicSecurity/Talks/blob/main/2025_RootedCon_BluetoothTools.pdf",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/TarlogicSecurity/Talks/blob/main/2025_RootedCon_BluetoothTools.pdf"
|
|
},
|
|
{
|
|
"url": "https://x.com/pascal_gujer/status/1898442439704158276",
|
|
"refsource": "MISC",
|
|
"name": "https://x.com/pascal_gujer/status/1898442439704158276"
|
|
},
|
|
{
|
|
"url": "https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/"
|
|
},
|
|
{
|
|
"url": "https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/"
|
|
},
|
|
{
|
|
"url": "https://reg.rootedcon.com/cfp/schedule/talk/5",
|
|
"refsource": "MISC",
|
|
"name": "https://reg.rootedcon.com/cfp/schedule/talk/5"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://flyingpenguin.com/?p=67838",
|
|
"url": "https://flyingpenguin.com/?p=67838"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/em0gi/CVE-2025-27840",
|
|
"url": "https://github.com/em0gi/CVE-2025-27840"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/orgs/espruino/discussions/7699",
|
|
"url": "https://github.com/orgs/espruino/discussions/7699"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://www.bleepingcomputer.com/news/security/undocumented-commands-found-in-bluetooth-chip-used-by-a-billion-devices/",
|
|
"url": "https://www.bleepingcomputer.com/news/security/undocumented-commands-found-in-bluetooth-chip-used-by-a-billion-devices/"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://darkmentor.com/blog/esp32_non-backdoor/",
|
|
"url": "https://darkmentor.com/blog/esp32_non-backdoor/"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://news.ycombinator.com/item?id=43308740",
|
|
"url": "https://news.ycombinator.com/item?id=43308740"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://news.ycombinator.com/item?id=43301369",
|
|
"url": "https://news.ycombinator.com/item?id=43301369"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/esphome/esphome/discussions/8382",
|
|
"url": "https://github.com/esphome/esphome/discussions/8382"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://cheriot.org/auditing/backdoor/2025/03/09/no-esp32-style-backdoor.html",
|
|
"url": "https://cheriot.org/auditing/backdoor/2025/03/09/no-esp32-style-backdoor.html"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://www.espressif.com/en/news/Response_ESP32_Bluetooth",
|
|
"url": "https://www.espressif.com/en/news/Response_ESP32_Bluetooth"
|
|
}
|
|
]
|
|
}
|
|
} |