{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T02:13:24.182","vulnerabilities":[{"cve":{"id":"CVE-2025-68622","sourceIdentifier":"security-advisories@github.com","published":"2026-01-12T17:15:53.050","lastModified":"2026-01-22T15:50:31.880","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class (UVC) device to trigger a stack buffer overflow during configuration-descriptor parsing. When UVC configuration-descriptor printing is enabled, the host prints detailed descriptor information provided by the connected USB device. A specially crafted UVC descriptor may advertise an excessively large length. Because this value is not validated before being copied into a fixed-size stack buffer, an attacker can overflow the buffer and corrupt memory. This vulnerability is fixed in 2.4.0."},{"lang":"es","value":"El controlador de clase UVC de host USB de Espressif ESP-IDF permite la transmisión de video desde cámaras USB. Antes de la versión 2.4.0, una vulnerabilidad en la implementación de host UVC de esp-usb permite que un dispositivo malicioso de clase de video USB (UVC) active un desbordamiento de búfer de pila durante el análisis del descriptor de configuración. Cuando la impresión del descriptor de configuración UVC está habilitada, el host imprime información detallada del descriptor proporcionada por el dispositivo USB conectado. Un descriptor UVC especialmente diseñado puede anunciar una longitud excesivamente grande. Debido a que este valor no se valida antes de ser copiado en un búfer de pila de tamaño fijo, un atacante puede desbordar el búfer y corromper la memoria. Esta vulnerabilidad se corrige en la versión 2.4.0."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:espressif:usb_host_uvc_class_driver:*:*:*:*:*:*:*:*","versionEndExcluding":"2.4.0","matchCriteriaId":"106F8B83-D544-4E82-B369-FA77389285F9"}]}]}],"references":[{"url":"https://components.espressif.com/components/espressif/usb_host_uvc/versions/2.4.0/changelog","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/espressif/esp-usb/commit/77a38b15a17f6e3c7aeb620eb4aeaf61d5194cc0","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/espressif/esp-usb/security/advisories/GHSA-g65h-9ggq-9827","source":"security-advisories@github.com","tags":["Vendor Advisory","Patch"]}]}}]}