CVE-2023-46894

HIGH

esptool <4.6.2 - Info Disclosure

Title source: llm
STIX 2.1

Description

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm.

References (1)

Scores

CVSS v3 7.5
EPSS 0.0008
EPSS Percentile 23.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-326
Status published
Products (2)
espressif/esptool 4.6.2
pypi/esptool 0PyPI
Published Nov 09, 2023
Tracked Since Feb 18, 2026