Skip to main content

ESP-IDF CVE-2026-45329

| EUVDEUVD-2026-35917 MEDIUM
Improper Input Validation (CWE-20)
2026-06-10 GitHub_M
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Severity Changed
Jun 11, 2026 - 18:07 NVD
HIGH MEDIUM
CVSS changed
Jun 11, 2026 - 18:07 NVD
7.1 (HIGH) 6.5 (MEDIUM)
Source Code Evidence Fetched
Jun 10, 2026 - 01:52 vuln.today
Analysis Generated
Jun 10, 2026 - 01:52 vuln.today

DescriptionNVD

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked. Because the underlying TEE-protected hardware peripherals (e.g., ECC, SHA, SPI) run in RISC-V machine mode (M-mode) with full address-space access, a caller could supply pointers into TEE-exclusive memory as inputs, causing the peripheral to read TEE memory and return results derived from it to the REE. Depending on the wrapper, the result contains raw bytes from TEE memory, a computed function of TEE memory recoverable through repeated calls, or a single bit per call that forms an oracle for incremental disclosure of TEE-resident sensitive data. This issue has been patched in versions 5.5.5 and 6.0.1.

AnalysisAI

Information disclosure in Espressif ESP-IDF 5.5.4 and 6.0 allows local code in the Rich Execution Environment (REE) to leak TEE-protected memory by passing crafted pointer arguments to ESP-TEE secure-service wrappers. Because TEE hardware peripherals (ECC, SHA, SPI) run in RISC-V M-mode with full address-space access, attackers can coerce them to read from TEE-exclusive memory and return raw bytes, computed functions, or single-bit oracles enabling incremental disclosure of sensitive material. No public exploit identified at time of analysis; vendor-released patches exist in 5.5.5 and 6.0.1.

Technical ContextAI

ESP-IDF is Espressif's official IoT development framework for ESP32-family microcontrollers, providing FreeRTOS-based firmware libraries and the ESP-TEE (Trusted Execution Environment) subsystem that isolates security-sensitive code from the general-purpose REE on RISC-V variants. The vulnerable code lives in components/esp_tee/subproject/main/core/esp_secure_services.c and esp_secure_services_iram.c, which expose secure-service wrappers (e.g., _ss_esp_aes_crypt_cbc, _ss_esp_aes_crypt_ctr, SHA, ECC, SPI helpers) that the REE invokes to use TEE-owned hardware peripherals. The root cause maps to CWE-20 (Improper Input Validation): the original wrappers only checked endpoint pointers (input, output, input+length) with esp_tee_ptr_in_ree() and missed several caller-supplied pointer arguments (ctx, iv, iv_off, nonce_counter, stream_block, etc.); the fix replaces these with esp_tee_buf_in_ree(buf, size) range checks across every pointer parameter so a buffer that overlaps TEE memory is rejected before the M-mode peripheral DMAs against it.

RemediationAI

Upgrade to ESP-IDF 5.5.5 (from the 5.5.x branch) or 6.0.1 (from the 6.0.x branch) and rebuild and reflash all firmware images that include the ESP-TEE component; the fixes in commits 145ba4c42dc8283054cfde9a1c3470db7399192f, 7867f4a57560bf9fc4a931e37ba02b7a3e9f406b, and eebabaff2fdc273b1530fe66e55fb3bcd181dfd6 replace the partial esp_tee_ptr_in_ree() endpoint checks with full esp_tee_buf_in_ree(buf, size) range checks on every pointer argument and add a missing rel_offset/size overflow check in esp_tee_ota_write. Consult the vendor advisory at https://github.com/espressif/esp-idf/security/advisories/GHSA-w82j-7q63-7pqm for the authoritative version matrix. If a fleet-wide OTA cannot be performed immediately, compensating controls are limited because the wrappers are core TEE syscalls: where feasible, minimize use of the affected AES, SHA, ECC, and SPI secure services from REE code paths, audit REE applications to ensure only trusted components issue these calls, and treat any TEE-resident secret as potentially exposed on unpatched devices when planning key rotation - note that disabling the secure services entirely will break legitimate TEE-backed cryptography and is not a practical workaround.

Share

CVE-2026-45329 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy