CVE-2024-28183

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-28183
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-28183.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-28183
Aliases
  • GHSA-22x6-3756-pfp8
Published
2024-03-25T14:31:28.466Z
Modified
2025-12-07T04:09:16.781728Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
Anti Rollback bypass with physical access and TOCTOU attack
Details

ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use (TOCTOU) vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass anti-rollback protection. Anti-rollback prevents rollback to application with security version lower than one programmed in eFuse of chip. This attack can allow to boot past (passive) application partition having lower security version of the same device even in the presence of the flash encryption scheme. The attack requires carefully modifying the flash contents after the anti-rollback checks have been performed by the bootloader (before loading the application). The vulnerability is fixed in 4.4.7 and 5.2.1.

Database specific 
{
    "cwe_ids": [
        "CWE-367"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/28xxx/CVE-2024-28183.json"
}
References

Affected packages

Git / github.com/espressif/esp-idf

Affected ranges

Type
GIT
Repo
https://github.com/espressif/esp-idf
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
38eeba213aa695aabfd6d89aa9f5078dbe5a94c3
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.4.7"
        }
    ]
}
Type
GIT
Repo
https://github.com/espressif/esp-idf
Events
Introduced
fdfa260b9197a0ef57e5d1d741cbd2e767d86128
Last affected
bcca689866db3dfda47f77670bf8df2a7ec94721
Database specific 
{
    "versions": [
        {
            "introduced": "5.0"
        },
        {
            "last_affected": "5.0.6"
        }
    ]
}
Type
GIT
Repo
https://github.com/espressif/esp-idf
Events
Introduced
012fafb82781f2720f2c636ed3b0ebd0db02cd9d
Last affected
e7771c75bd1dbbfb7b3c5381be7e063b197c9734
Database specific 
{
    "versions": [
        {
            "introduced": "5.1"
        },
        {
            "last_affected": "5.1.3"
        }
    ]
}
Type
GIT
Repo
https://github.com/espressif/esp-idf
Events
Introduced
f8d2c0894cf3c12dc231dafebf75d3f1002b312c
Fixed
a322e6bdad4b6675d4597fb2722eea2851ba88cb
Database specific 
{
    "versions": [
        {
            "introduced": "5.2"
        },
        {
            "fixed": "5.2.1"
        }
    ]
}

Affected versions

v0.*

v0.9

v1.*

v1.0

v2.*

v2.0-rc1
v2.1-rc1

v3.*

v3.0-dev
v3.1-beta1
v3.1-dev
v3.2-beta1
v3.2-dev
v3.3-beta1
v3.3-beta2
v3.3-dev

v4.*

v4.0-dev
v4.1-dev
v4.2-dev
v4.3-beta1
v4.3-dev
v4.4
v4.4-beta1
v4.4-dev
v4.4-rc1
v4.4.1
v4.4.2
v4.4.3
v4.4.4
v4.4.5
v4.4.6

v5.*

v5.0
v5.0-beta1
v5.0-dev
v5.0-rc1
v5.0.1
v5.0.2
v5.0.3
v5.0.4
v5.0.5
v5.0.6
v5.1
v5.1-beta1
v5.1-dev
v5.1-rc1
v5.1-rc2
v5.1.1
v5.1.2
v5.1.3
v5.2
v5.2-beta1
v5.2-beta2
v5.2-dev
v5.2-rc1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-28183.json"