Espressif ESP-IDF Tools is a suite of software tools used for the development of applications for Espressif Systems' ESP32, ESP32-S, and ESP32-C series of SoCs. It includes build tools, a compiler, OpenOCD and ESP-IDF Tools Installer. The tools facilitate the setup of environments, building, flashing, monitoring, and other tasks required for ESP-IDF development on a variety of operating systems.

Espressif ESP-IDF Tools

Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-52471	HIGH	7.2	Espressif ESP-IDF Tools	cpe:2.3:a:espressif:esp-idf	No	Yes	Jun 24, 2025
CVE-2025-65092	MEDIUM	6.9	Espressif ESP-IDF Tools	cpe:2.3:a:espressif:esp-idf	No	Yes	Nov 21, 2025
CVE-2025-64342	MEDIUM	6.9	Espressif ESP-IDF Tools	cpe:2.3:a:espressif:esp-idf	No	Yes	Nov 17, 2025
CVE-2025-55297	MEDIUM	5.2	Espressif ESP-IDF Tools	cpe:2.3:a:espressif:esp-idf	No	Yes	Aug 21, 2025
CVE-2025-66409	LOW	2.7	Espressif ESP-IDF Tools	cpe:2.3:a:espressif:esp-idf	No	Yes	Dec 02, 2025

CVE-2024-53406:
Espressif ESP-IDF Tools vulnerability analysis and mitigation

8.8

Related Espressif ESP-IDF Tools vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2024-53406: Espressif ESP-IDF Tools vulnerability analysis and mitigation