PT-2025-47821 · Espressif+2 · Esp32+2
Adrian Cinal
·
Published
2025-11-21
·
Updated
2025-12-04
·
CVE-2025-12888
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
X25519 (affected versions not specified)
Description
A flaw exists in X25519 constant-time cryptographic implementations due to timing side channels. These side channels are introduced by compiler optimizations and CPU architecture limitations, particularly affecting Xtensa-based ESP32 chips. When targeting Xtensa, utilizing the low memory implementations of X25519 is recommended. The low memory implementations are now the default for Xtensa.
Recommendations
For Xtensa-based ESP32 chips, use the low memory implementations of X25519.
Fix
Side Channel Attack
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Esp32
X25519