PT-2025-50537 · Espressif Systems+1 · Esp32+1
Published
2025-12-10
·
Updated
2025-12-30
·
CVE-2025-65829
CVSS v3.1
6.8
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Meatmeet basestation devices with ESP32 system on a chip (affected versions not specified)
Description
The ESP32 system on a chip used in Meatmeet basestation devices lacks Secure Boot functionality. Secure Boot verifies the authenticity of software during the startup process, establishing a chain of trust. The absence of this feature allows an attacker with physical access to modify the device's firmware and execute malicious code when the device starts.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Esp32
Meatmeet Basestation