Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-46894

Опубликовано: 09 нояб. 2023
Источник: debian
EPSS Низкий

Описание

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm.

Примечания

  • Bogus issue reported for esptool, also see

  • https://github.com/espressif/esptool/issues/926

  • Old revisions of one of the supported chipsets were using AES ECB for secure

  • boot and flash encryption, but newer ones have switched to newer cryptographic

  • algorithms. esptool keeps support for the older algorithms, in order to keep

  • the ability to work with older revisions of the hardware.

EPSS

Процентиль: 24%
0.0008
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2023-46894

CVSS3: 7.5
ubuntu
около 2 лет назад

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm.

redhat логотип

CVE-2023-46894

CVSS3: 3.3
redhat
около 2 лет назад

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm.

nvd логотип

CVE-2023-46894

CVSS3: 7.5
nvd
около 2 лет назад

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm.

github логотип

GHSA-3f38-96qm-r3fw

CVSS3: 7.5
github
около 2 лет назад

esptool allows attackers to view sensitive information via weak cryptographic algorithm

EPSS

Процентиль: 24%
0.0008
Низкий