PT-2021-9864 · Espressif · Esp-Idf

Lewei Qu

·

Published

2021-01-12

·

Updated

2021-01-20

·

CVE-2020-16146

CVSS v3.1

7.5

High

Vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Espressif ESP-IDF versions 2.x through 4.0.1
Description: A buffer overflow in BluFi provisioning, in the btc_blufi_recv_handler function in blufi_prf.c. An attacker in BLE range sends a crafted BluFi protocol Write Attribute command to characteristic 0xFF01; manipulated fields in that packet lead to a buffer overflow in the receive handler. No pairing or user interaction is required (PR:N/UI:N), and the recorded impact is to availability only (C:N/I:N/A:H).
Recommendations: For Espressif ESP-IDF versions 2.x through 4.0.1, this entry lists no release that contains a fix, so check Espressif's release notes for your branch before relying on an upgrade. Until then, reduce exposure of the vulnerable path: leave BluFi out of the build where provisioning over BLE is not needed, so btc_blufi_recv_handler in blufi_prf.c is never compiled in or reachable; where it is needed, advertise the BluFi service only during the provisioning window and stop BLE once credentials have been received. Note that 0xFF01 is the characteristic BluFi clients write their frames to, so it cannot be avoided while BluFi is running; the exposure is the time during which the service is reachable by unpaired peers in radio range, since the write needs neither pairing nor user interaction.
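The overflow class this entry describes, as an added illustration (not ESP-IDF's code and not the reporter's): a BluFi-style receive handler that trusts the lengths a BLE peer puts in the Write Attribute value, beside one that bounds every such length against its reassembly buffer and rejects a crafted frame instead of copying it. The frame layout (type, frame control, sequence number, data length, data) follows the public BluFi protocol description; the fragment flag value, the 256-byte buffer, the reassembly state, the return codes and all sample frames are assumptions constructed for this example, and the checksum and encryption bits are ignored.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Frame layout per the public BluFi description: type | frame control | sequence |
 * data length | data. Flag value, buffer size, reassembly state and sample frames are
 * constructed for this example, not from blufi_prf.c; checksum/encryption bits ignored. */
#define HDR_LEN         4
#define FRAME_CTRL_FRAG 0x10  /* assumed bit: this frame is one fragment of a longer message */
#define AGGR_BUF_MAX    256   /* hypothetical fixed-size reassembly buffer */
enum { RECV_OK = 0, RECV_DONE = 1, RECV_BAD_FRAME = -1, RECV_TOO_LONG = -2 };

typedef struct {
    uint8_t buf[AGGR_BUF_MAX];
    size_t  total_len, offset;  /* peer-announced total, bytes reassembled so far */
    bool    active;
} reassembly_t;

/* Split the header; reject a data length that runs past what the ATT write delivered. */
static int parse_frame(const uint8_t *pkt, size_t pkt_len, uint8_t *ctrl,
                       const uint8_t **data, size_t *data_len)
{
    if (pkt_len < HDR_LEN || HDR_LEN + (size_t)pkt[3] > pkt_len) return RECV_BAD_FRAME;
    *ctrl = pkt[1]; *data = pkt + HDR_LEN; *data_len = pkt[3];
    return RECV_OK;
}

/* Unchecked pattern (contrast only, never run on untrusted frames): the peer-announced
 * total and each chunk are copied as-is, so they can carry offset + chunk past buf. */
int recv_handler_unchecked(reassembly_t *st, const uint8_t *pkt, size_t pkt_len)
{
    uint8_t ctrl; const uint8_t *data; size_t data_len;
    if (parse_frame(pkt, pkt_len, &ctrl, &data, &data_len) != RECV_OK) return RECV_BAD_FRAME;
    bool frag = (ctrl & FRAME_CTRL_FRAG) != 0;
    if (!st->active) {                 /* first frame: take the total from the packet */
        st->offset = 0;
        if (frag) { st->total_len = (size_t)data[0] | ((size_t)data[1] << 8); st->active = true; }
    }
    size_t skip = frag ? 2 : 0;        /* data_len - skip also wraps for a fragment under 2 bytes */
    memcpy(st->buf + st->offset, data + skip, data_len - skip);  /* never checked against AGGR_BUF_MAX */
    st->offset += data_len - skip; st->active = frag;
    return frag ? RECV_OK : RECV_DONE;
}

/* Hardened: total bounded by the buffer, each chunk by the room left, fragments must carry their length bytes. */
int recv_handler_checked(reassembly_t *st, const uint8_t *pkt, size_t pkt_len)
{
    uint8_t ctrl; const uint8_t *data; size_t data_len;
    if (parse_frame(pkt, pkt_len, &ctrl, &data, &data_len) != RECV_OK) return RECV_BAD_FRAME;
    if (ctrl & FRAME_CTRL_FRAG) {
        if (data_len < 2) { st->active = false; return RECV_BAD_FRAME; }
        if (!st->active) {
            size_t total = (size_t)data[0] | ((size_t)data[1] << 8);
            if (total == 0 || total > AGGR_BUF_MAX) return RECV_TOO_LONG;
            st->total_len = total; st->offset = 0; st->active = true;
        }
        size_t chunk = data_len - 2;
        if (chunk > st->total_len - st->offset) { st->active = false; return RECV_TOO_LONG; }
        memcpy(st->buf + st->offset, data + 2, chunk); st->offset += chunk;
        return RECV_OK;
    }
    if (st->active) {                  /* final chunk must complete the announced total exactly */
        size_t remaining = st->total_len - st->offset; st->active = false;
        if (data_len != remaining) return data_len > remaining ? RECV_TOO_LONG : RECV_BAD_FRAME;
        memcpy(st->buf + st->offset, data, data_len); st->offset += data_len;
        return RECV_DONE;
    }
    if (data_len > AGGR_BUF_MAX) return RECV_TOO_LONG;  /* single unfragmented frame */
    memcpy(st->buf, data, data_len); st->offset = data_len;
    return RECV_DONE;
}

/* Constructed sample writes; sizeof f is the length the ATT layer actually delivered. */
int run_benign(void) {                /* one unfragmented frame carrying "abc" */
    reassembly_t st = {0}; const uint8_t f[] = {0x01, 0x00, 0x00, 0x03, 'a', 'b', 'c'};
    return recv_handler_checked(&st, f, sizeof f);
}
int run_fragmented_ok(void) {         /* total 6 announced, "abc" then "def" */
    reassembly_t st = {0};
    const uint8_t f1[] = {0x01, 0x10, 0x00, 0x05, 0x06, 0x00, 'a', 'b', 'c'};
    const uint8_t f2[] = {0x01, 0x00, 0x00, 0x03, 'd', 'e', 'f'};
    if (recv_handler_checked(&st, f1, sizeof f1) != RECV_OK) return 0;
    return recv_handler_checked(&st, f2, sizeof f2) == RECV_DONE && memcmp(st.buf, "abcdef", 6) == 0;
}
int run_oversized_total(void) {       /* first fragment announces 0xFFFF bytes */
    reassembly_t st = {0}; const uint8_t f[] = {0x01, 0x10, 0x00, 0x04, 0xFF, 0xFF, 'x', 'y'};
    return recv_handler_checked(&st, f, sizeof f);
}
int run_chunk_past_total(void) {      /* announces 4 bytes, then sends 2 + 4 */
    reassembly_t st = {0};
    const uint8_t f1[] = {0x01, 0x10, 0x00, 0x04, 0x04, 0x00, 'a', 'b'};
    const uint8_t f2[] = {0x01, 0x00, 0x00, 0x04, 'c', 'd', 'e', 'f'};
    (void)recv_handler_checked(&st, f1, sizeof f1);
    return recv_handler_checked(&st, f2, sizeof f2);
}
int run_lying_data_len(void) {        /* data length field says 32, only 1 byte arrived */
    reassembly_t st = {0}; const uint8_t f[] = {0x01, 0x00, 0x00, 0x20, 'a'};
    return recv_handler_checked(&st, f, sizeof f);
}
```

Each run_* function feeds constructed Write Attribute values through the hardened handler and returns its verdict; the unchecked variant is present only to show which checks are missing and must not be given the crafted frames, since on those it writes past buf. The point to carry back to a real handler is that three separate numbers arrive from the peer (the data length byte, the announced total, and the running sum of the chunks) and each needs its own bound against what was actually received and what the buffer can hold.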

Exploit

Buffer Overflow


Weakness Enumeration

Related Identifiers

CVE-2020-16146

Affected Products

Esp-Idf