CVE Catalog

CVE-2026-45542

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.03%

9th percentile - higher than 9% of all known CVEs

Summary

In the Espressif Internet of Things (IOT) development framework, versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the session-setup path of the protocomm component. The issue arises from trusting the length of a client-supplied protobuf field for the SRP6a username, leading to heap corruption when an oversized value is provided.

Risk Assessment

Organizations may be vulnerable to attacks that exploit this vulnerability to cause buffer overflows, potentially leading to unauthorized access or system crashes.

Recommendation

It is recommended to upgrade to versions 5.2.7, 5.3.6, 5.4.5, 5.5.5, or 6.0.1, where the issue has been patched.

Original NVD description (English source)

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 (SRP6a) session-setup path of the protocomm component. The first-phase handler (handle_session_command0() in components/protocomm/src/security/security2.c) trusts the length of a client-supplied protobuf field for the SRP6a username and copies it into a buffer whose size is derived from a narrower destination type. The resulting truncation-versus-copy asymmetry corrupts the heap when an oversized value is supplied. This issue has been patched in versions 5.2.7, 5.3.6, 5.4.5, 5.5.5, and 6.0.1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS