Browse all 23 CVE security advisories affecting Espressif. AI-powered Chinese analysis, PoCs, and references for each vulnerability.
Espressif Systems specializes in low-power Wi-Fi and Bluetooth microcontrollers, primarily serving the Internet of Things market with its ESP8266 and ESP32 series. These embedded devices are frequently targeted due to their widespread deployment in consumer electronics and industrial automation. Historically, security audits have identified critical vulnerabilities including remote code execution, buffer overflows, and improper access controls within the firmware and SDK components. Notable incidents involve flaws allowing unauthorized network access or denial-of-service attacks, often stemming from insufficient input validation in network stack implementations. The company has responded by issuing firmware updates and enhancing secure boot mechanisms, yet the complexity of integrating these chips into diverse third-party applications continues to pose significant security challenges for end-users who may lack the resources to patch legacy devices effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-27840 | Espressif ESP32 security vulnerability — ESP32 CWE-912 | 6.8 | Medium | 2025-03-08 |
This page lists every published CVE security advisory associated with Espressif. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.