CVE-2022-24893

Published: Jun 25, 2022

Modified: Apr 23, 2025

PUBLISHED

CVSS v3.1

7.5

HIGH

Description

ESP-IDF is the official development framework for Espressif SoCs. In Espressif’s Bluetooth Mesh SDK (`ESP-BLE-MESH`), a memory corruption vulnerability can be triggered during provisioning, because there is no check for the `SegN` field of the Transaction Start PDU. This can result in memory corruption related attacks and potentially attacker gaining control of the entire system. Patch commits are available on the 4.1, 4.2, 4.3 and 4.4 branches and users are recommended to upgrade. The upgrade is applicable for all applications and users of `ESP-BLE-MESH` component from `ESP-IDF`. As it is implemented in the Bluetooth Mesh stack, there is no workaround for the user to fix the application layer without upgrading the underlying firmware.

Vendor	Product	Versions
espressif	esp-idf	affected `< 4.1.4` affected `> 4.2.0, < 4.2.4` affected `> 4.3.2, < 4.3.3` affected `> 4.4.1, < 4.4.2`

Weaknesses (CWE)

CWE-787

CWE-788

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

https://github.com/espressif/esp-idf/security/advisories/GHSA-7f7f-jj2q-28wm

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-24893

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References