CVE-2025-27840 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.8 MEDIUM	PHYSICAL	HIGH	HIGH	CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L
mitre	CNA	6.8 MEDIUM				CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 53%

Affected Products (NVD)

Vendor	Product	Version
espressif	esp32_firmware	-

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-912 - Hidden Functionality
The software contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the software's users or administrators.

References

https://cheriot.org/auditing/backdoor/2025/03/09/no-esp32-style-backdoor.html

https://darkmentor.com/blog/esp32_non-backdoor/

https://flyingpenguin.com/?p=67838

https://github.com/TarlogicSecurity/Talks/blob/main/2025_RootedCon_BluetoothTools.pdf

https://github.com/em0gi/CVE-2025-27840

https://github.com/esphome/esphome/discussions/8382

https://github.com/orgs/espruino/discussions/7699

https://news.ycombinator.com/item?id=43301369

https://news.ycombinator.com/item?id=43308740

https://reg.rootedcon.com/cfp/schedule/talk/5

https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/

https://www.bleepingcomputer.com/news/security/undocumented-commands-found-in-bluetooth-chip-used-by-a-billion-devices/

https://www.espressif.com/en/news/Response_ESP32_Bluetooth

https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/

https://x.com/pascal_gujer/status/1898442439704158276