CVE-2026-45542

June 10, 2026, 2:16 a.m.

7.1
High

Description

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 (SRP6a) session-setup path of the protocomm component. The first-phase handler (handle_session_command0() in components/protocomm/src/security/security2.c) trusts the length of a client-supplied protobuf field for the SRP6a username and copies it into a buffer whose size is derived from a narrower destination type. The resulting truncation-versus-copy asymmetry corrupts the heap when an oversized value is supplied. This issue has been patched in versions 5.2.7, 5.3.6, 5.4.5, 5.5.5, and 6.0.1.

Product(s) Impacted

Vendor Product Versions
Espressif
  • Esf-idf
  • 5.2.6, 5.3.5, 5.4.4, 5.5.4, 6.0

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-122
Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a espressif esf-idf 5.2.6 / / / / / / /
a espressif esf-idf 5.3.5 / / / / / / /
a espressif esf-idf 5.4.4 / / / / / / /
a espressif esf-idf 5.5.4 / / / / / / /
a espressif esf-idf 6.0 / / / / / / /

References

https://github.com/espressif/esp-idf/commit/0ea58d79845ad674d0358d5de246015a68c4cb4f
https://github.com/espressif/esp-idf/commit/56c3e385611e63162d0f2f8504ac4ae2ccfccef0
https://github.com/espressif/esp-idf/commit/71eb2dbe6aaef830719ecac8edf409e2992b64b2
https://github.com/espressif/esp-idf/commit/9b4cacf9cbc69379972de6a2247fcf5af9240961
https://github.com/espressif/esp-idf/commit/a2f4554f10ba075c98cbc67464db096ba32497cf
https://github.com/espressif/esp-idf/commit/f5d24a7e919bc5f447091479656b86da6762a103
https://github.com/espressif/esp-idf/security/advisories/GHSA-9r76-858f-v6jh

Tags

[email protected]
CWE-122
2026-06-10
CVE-2026-45542

CVSS Score

7.1 / 10

CVSS Data - 3.1

  • Attack Vector: ADJACENT_NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: LOW
  • Availability Impact: HIGH

    • CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

    View Vector String

Timeline

Published: June 10, 2026, 2:16 a.m.
Last Modified: June 10, 2026, 2:16 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

[email protected]

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.