Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btc_blufi_recv_handler function in blufi_prf.c. An attacker can send a crafted BluFi protocol Write Attribute command to characteristic 0xFF01. With manipulated packet fields, there is a buffer overflow.
References
Link | Resource |
---|---|
https://github.com/espressif/esp-idf | Third Party Advisory |
https://github.com/pokerfacett/MY_CVE_CREDIT/blob/master/CVE-2020-16146.md | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-12T02:56:11
Updated: 2021-01-12T02:56:11
Reserved: 2020-07-30T00:00:00
Link: CVE-2020-16146
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-01-12T03:15:12.687
Modified: 2021-01-20T14:56:38.837
Link: CVE-2020-16146
JSON object: View
Redhat Information
No data.
CWE