{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42483", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-08-02T14:13:04.617Z", "datePublished": "2024-09-12T14:12:18.128Z", "dateUpdated": "2024-09-12T16:46:16.388Z"}, "containers": {"cna": {"title": "ESP-NOW Replay Attacks Vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-349", "lang": "en", "description": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/espressif/esp-now/security/advisories/GHSA-wf6q-c2xr-77xj", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/espressif/esp-now/security/advisories/GHSA-wf6q-c2xr-77xj"}, {"name": "https://github.com/espressif/esp-now/commit/4e30db50d541b2909d278ef0db05de1a3d7190ef", "tags": ["x_refsource_MISC"], "url": "https://github.com/espressif/esp-now/commit/4e30db50d541b2909d278ef0db05de1a3d7190ef"}], "affected": [{"vendor": "espressif", "product": "esp-now", "versions": [{"version": "< 2.5.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-09-12T14:12:18.128Z"}, "descriptions": [{"lang": "en", "value": "ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated by message types, it is a single, shared resource for all kinds of messages, whether they are broadcast or unicast, and regardless of whether they are ciphertext or plaintext. This can result an attacker to clear the cache of its legitimate entries, there by creating an opportunity to re-inject previously captured packets. This vulnerability is fixed in 2.5.2."}], "source": {"advisory": "GHSA-wf6q-c2xr-77xj", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-12T16:46:08.203285Z", "id": "CVE-2024-42483", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T16:46:16.388Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42483", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-12T16:46:08.203285Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T16:46:13.085Z"}}], "cna": {"title": "ESP-NOW Replay Attacks Vulnerability", "source": {"advisory": "GHSA-wf6q-c2xr-77xj", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "espressif", "product": "esp-now", "versions": [{"status": "affected", "version": "< 2.5.2"}]}], "references": [{"url": "https://github.com/espressif/esp-now/security/advisories/GHSA-wf6q-c2xr-77xj", "name": "https://github.com/espressif/esp-now/security/advisories/GHSA-wf6q-c2xr-77xj", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/espressif/esp-now/commit/4e30db50d541b2909d278ef0db05de1a3d7190ef", "name": "https://github.com/espressif/esp-now/commit/4e30db50d541b2909d278ef0db05de1a3d7190ef", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated by message types, it is a single, shared resource for all kinds of messages, whether they are broadcast or unicast, and regardless of whether they are ciphertext or plaintext. This can result an attacker to clear the cache of its legitimate entries, there by creating an opportunity to re-inject previously captured packets. This vulnerability is fixed in 2.5.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-349", "description": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-09-12T14:12:18.128Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42483", "state": "PUBLISHED", "dateUpdated": "2024-09-12T16:46:16.388Z", "dateReserved": "2024-08-02T14:13:04.617Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-09-12T14:12:18.128Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:espressif:esp-now:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C392E00-5DEB-4D98-9897-D1AD741E6FA1", "versionEndExcluding": "2.5.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated by message types, it is a single, shared resource for all kinds of messages, whether they are broadcast or unicast, and regardless of whether they are ciphertext or plaintext. This can result an attacker to clear the cache of its legitimate entries, there by creating an opportunity to re-inject previously captured packets. This vulnerability is fixed in 2.5.2."}, {"lang": "es", "value": "El componente ESP-NOW proporciona un protocolo de comunicaci\u00f3n Wi-Fi sin conexi\u00f3n. Se descubri\u00f3 una vulnerabilidad de ataques de repetici\u00f3n en la implementaci\u00f3n de ESP-NOW porque las cach\u00e9s no se diferencian por tipos de mensajes, son un \u00fanico recurso compartido para todo tipo de mensajes, ya sean de difusi\u00f3n o unidifusi\u00f3n, y sin importar si son texto cifrado o texto plano. Esto puede provocar que un atacante borre la cach\u00e9 de sus entradas leg\u00edtimas, creando as\u00ed una oportunidad para volver a inyectar paquetes capturados previamente. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 2.5.2."}], "id": "CVE-2024-42483", "lastModified": "2024-09-23T14:06:04.427", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-09-12T15:18:22.093", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/espressif/esp-now/commit/4e30db50d541b2909d278ef0db05de1a3d7190ef"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/espressif/esp-now/security/advisories/GHSA-wf6q-c2xr-77xj"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-345"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-349"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}