CVE-2024-42484

ESP-NOW OOB Vulnerability In Group Type Message

Description

ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound (OOB) vulnerability was discovered in the implementation of the ESP-NOW group type message because there is no check for the addrs_num field of the group type message. This can result in memory corruption related attacks. Normally there are two fields in the group information that need to be checked, i.e., the addrs_num field and the addrs_list fileld. Since we only checked the addrs_list field, an attacker can send a group type message with an invalid addrs_num field, which will cause the message handled by the firmware to be much larger than the current buffer, thus causing a memory corruption issue that goes beyond the payload length.

Category

6.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.11%
Affected: espressif esp-now
Published at:
Updated at:

References

Link Tags
https://github.com/espressif/esp-now/security/advisories/GHSA-q6f6-4qc5-vhx5
https://github.com/espressif/esp-now/commit/b03a1b4593713fa4bf0038a87edca01f10114a7a

Frequently Asked Questions

What is the severity of CVE-2024-42484?
CVE-2024-42484 has been scored as a medium severity vulnerability.
How to fix CVE-2024-42484?
To fix CVE-2024-42484, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-42484 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-42484 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-42484?
CVE-2024-42484 affects espressif esp-now.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.