Home
Description
Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks.
References
github.com/.../BLE_TEST/blob/main/result/PoC/Esp/sk_reuse.md