An issue was discovered in Espressif ESP-IDF 2.x and 3.x before 3.0.6 and 3.1.x before 3.1.1. Insufficient validation of input data in the second-stage bootloader allows a physically proximate attacker to bypass secure boot checks and execute arbitrary code by crafting an application binary that overwrites a bootloader code segment in process_segment in components/bootloader_support/src/esp_image_format.c. The attack is effective when the flash encryption feature is not enabled, or if the attacker finds a different vulnerability that allows them to write this binary to flash memory.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T11:15:58.936Z

Reserved: 2018-10-22T00:00:00

Link: CVE-2018-18558

Vulnrichment

No data.

NVD

Status: Modified

Published: 2019-05-13T13:29:02.103

Modified: 2024-11-21T03:56:09.217

Link: CVE-2018-18558

Redhat

No data.

OpenCVE Enrichment

No data.