Unrated severity · NVD Advisory · Published Aug 21, 2025 · Updated Aug 22, 2025
ESP-IDF BluFi Example Memory Overflow Vulnerability
CVE-2025-55297
Description
ESP-IDF is the Espressif Internet of Things (IoT) Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9.
References
- github.com/espressif/esp-idf/commit/12b7a9e6d78012ab9184b7ccdb5524364bf7e345 (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/3fc6c93936077cb1659e1f0e0268e62cf6423e9d (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/5f93ec3b11b6115475c34de57093b3672d594e8f (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/9cb7206d4ae8fd8f4296cd57d6c78a1656f42efa (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/abc18e93eb3500dbec74c3e589671ef82c8b3919 (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/b1657d9dd4d0e48ed25e02cb8fe8413f479a2a84 (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/bf50c0c197af30990026c8f8286298d2aa5a3c99 (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/cb6929a2e6f2ff130b742332dc15eb23006c7cc9 (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/cc00e9f2fc4f7e8fbaff27851b4a8b45fa483501 (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/e65cf7ea2a2be52219ec9d4efc44aed5e490e91c (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/f40aa9c587a8e570dfde2e6330382dcd170d5a5d (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/commit/f77da0d5b5382635c99e6708551b73802ad1213d (mitre, x_refsource_MISC)
- github.com/espressif/esp-idf/security/advisories/GHSA-9w88-r2vm-qfc4 (mitre, x_refsource_CONFIRM)