
CVSS: 7.5 • EPSS: 0% • CPEs: 4 • EXPL: 0

11 Dec 2024 — ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to use a custom AES key, there is no option to set the IV (Initialization Vector) prior to versions 5.3.2, 5.2.4, 5.1.6, and 5.0.8. The IV is set to zero and remains constant throughout the product's lifetime. In AES/CBC mode, if the IV is not properly initialized, the encrypted output becomes deterministic, leading to potential data leakage. To address the aforementioned issues, the applic... • https://github.com/EspressifApp/EsptouchForAndroid/tree/master/esptouch-v2 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm • CWE-909: Missing Initialization of Resource

CVSS: 6.1 • EPSS: 0% • CPEs: 4 • EXPL: 0

25 Mar 2024 — ESP-IDF is the development framework for Espressif SoCs, supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use (TOCTOU) vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to the flash of the device to bypass anti-rollback protection. Anti-rollback prevents rollback to an application with a security version lower than the one programmed in the eFuse of the chip. This attack can allow to boot past (passive) application partition having low... • https://github.com/espressif/esp-idf/commit/3305cb4d235182067936f8e940e6db174e25b4b2 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition