CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-27840: Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).
7.1
CVSS
Description
Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).
Classification
CVE ID: CVE-2025-27840
CVSS Base Severity: HIGH
CVSS Base Score: 7.1
CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
Problem Types
CWE-912 Hidden FunctionalityAffected Products
Vendor: Espressif
Product: ESP32
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.1% (probability of being exploited)
EPSS Percentile: 25.31% (scored less or equal to compared to others)
EPSS Date: 2025-04-06 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-27840https://github.com/TarlogicSecurity/Talks/blob/main/2025_RootedCon_BluetoothTools.pdf
https://x.com/pascal_gujer/status/1898442439704158276
https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/
https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/
https://reg.rootedcon.com/cfp/schedule/talk/5