Auto-Update: 2025-03-08T21:00:19.630985+00:00

This commit is contained in:
cad-safe-bot 2025-03-08 21:03:48 +00:00
parent 68b2364473
commit 542d013783
3 changed files with 80 additions and 7 deletions

View File

@ -0,0 +1,72 @@
{
"id": "CVE-2025-27840",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-08T20:15:36.027",
"lastModified": "2025-03-08T20:15:36.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 0.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-912"
}
]
}
],
"references": [
{
"url": "https://github.com/TarlogicSecurity/Talks/blob/main/2025_RootedCon_BluetoothTools.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://reg.rootedcon.com/cfp/schedule/talk/5",
"source": "cve@mitre.org"
},
{
"url": "https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/",
"source": "cve@mitre.org"
},
{
"url": "https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/",
"source": "cve@mitre.org"
},
{
"url": "https://x.com/pascal_gujer/status/1898442439704158276",
"source": "cve@mitre.org"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-08T17:00:20.254595+00:00
2025-03-08T21:00:19.630985+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-08T16:15:34.550000+00:00
2025-03-08T20:15:36.027000+00:00
```
### Last Data Feed Release
@ -33,20 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
284552
284553
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `1`
- [CVE-2025-27840](CVE-2025/CVE-2025-278xx/CVE-2025-27840.json) (`2025-03-08T20:15:36.027`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `0`
- [CVE-2023-33289](CVE-2023/CVE-2023-332xx/CVE-2023-33289.json) (`2025-03-08T16:15:34.550`)
## Download and Usage

View File

@ -226789,7 +226789,7 @@ CVE-2023-33284,0,0,d0da5008a48df8a13ca95a55afa039e69b1f0015e97eafe62f93398991b7e
CVE-2023-33285,0,0,30741f1677c923d9321a174f24cbcfbb45d70b7fa16adbecc164042f72c69993,2024-11-21T08:05:20.157000
CVE-2023-33287,0,0,4589690dfbbc05dbf65975779ea5f06e069047b263db7ad14eeef921b27b9778,2025-01-10T16:15:26.393000
CVE-2023-33288,0,0,26838f7327104c1b47d024f5db0a9eb1c2668da883675bbf3c61e6d3c54ee2da,2024-11-21T08:05:20.497000
CVE-2023-33289,0,1,f7fa52dcf4815a7bc1f7607ba8a52d04f13067851cb6faf3eeaff67eb8b78efb,2025-03-08T16:15:34.550000
CVE-2023-33289,0,0,f7fa52dcf4815a7bc1f7607ba8a52d04f13067851cb6faf3eeaff67eb8b78efb,2025-03-08T16:15:34.550000
CVE-2023-3329,0,0,3e639db55d9b83618de638ac73b22a875829db310a8f87faef030071a6e573a8,2024-11-21T08:17:01.620000
CVE-2023-33290,0,0,bc6a69010fb5c4656505a017a49e45680fe2923b4184f220645c15aeaaf633ad,2024-11-21T08:05:20.870000
CVE-2023-33291,0,0,98a73c5a299c04428af908a2bd26a9c74200b238c366aa50af50fa19f5b47038,2025-01-14T19:15:30.877000
@ -284551,3 +284551,4 @@ CVE-2025-27824,0,0,bbbadd94bca912d17091ba5687790372eed06151266f5eb5403da18d55309
CVE-2025-27825,0,0,99e9b9d3befd54cbb55880416607fbc7e5d90c9fee9cdc2881cb2480979fee41,2025-03-07T22:15:38.380000
CVE-2025-27826,0,0,83fe28f5c1c38336a328c924367a016f575cf3bedee9c6070949943b515ded3d,2025-03-07T22:15:38.527000
CVE-2025-27839,0,0,212b3d30d2c1f53f372c7e143c6e03922deeb9da14f018db14d5749815db8000,2025-03-08T00:15:38.340000
CVE-2025-27840,1,1,7d2524c6b84334effec85ee9043fdbd794fc7f9dac3f9570023d7c013da942a9,2025-03-08T20:15:36.027000

Can't render this file because it is too large.