Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-35818: Wi-Fi & Bluetooth MCUs and AIoT Solutions I Espressif Systems

An issue was discovered on Espressif ESP32 3.0 (ESP32_rev300 ROM) devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit another behavior in the chip to gain unauthorized access to the ROM download mode. Access to ROM download mode may be further exploited to read the encrypted flash content in cleartext format or execute stub code.

CVE
#web#auth#wifi

Developer Zone

Hardware

Espressif drives AIoT development with complete MCU based solutions with integrated Wi-Fi and Bluetooth connectivity.

Learn More

Software

We offer an easy-to-use and efficient development platform for AIoT applications.

Learn More

Documents

View and download Espressif’s technical documents.

Learn More

At Espressif, not only do we design powerful AIoT chips, but we also design their operating systems and application frameworks. In doing so, we also support our customers, all the way from design to certification and manufacturing. By choosing us, you get to concentrate on your design, and bring your product to life quickly, efficiently and at no extra cost.

We’re Hiring!

Espressif is committed to technological innovation for the benefit of both our society and the planet. We are looking for people with a unique blend of creativity, dedication and technological acumen. Join us so we can build an AIoT world together!

Open Positions

Latest Updates

  • The Espressif Thread Border Router is now officially recognised as a Thread-…

  • CoreS3 is a third-generation device in M5Stack’s Core development kit series,…

  • The JRC Board is one of the latest ESP32-based dev boards for IoT development…

  • Put together by Magicbit Academy, this Udemy course will teach you how to build…

  • Adding Golioth’s device management features to an existing ESP-IDF project is a…

  • Espressif Webinars will be launched on 13 Apr., with a presentation on esptools.

  • With the help of ESP32-S3, the Plumerai AI software provides masterful deep-…

  • Espressif and the National University of Singapore have recently co-organised a…

  • Espressif Systems will be an official exhibitor at Embedded World 2023, between…

  • Independent maker Philippe Cadic has created a smart watch based on Espressif’s…

  • Espressif’s ESP32-C6 is now available on the market. ESP-IDF v5.1, currently in…

  • Build your Matter devices with ease using Espressif SoCs (the entire ESP32, and…

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907