CVE-2026-45329 Overview
CVE-2026-45329 affects the Espressif IoT Development Framework (ESP-IDF), specifically the ESP-TEE secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c. Several wrappers validate only some of the caller-supplied pointer arguments, leaving input pointers unchecked. A caller in the Rich Execution Environment (REE) can pass pointers into TEE-exclusive memory, causing TEE-protected peripherals such as ECC, SHA, and SPI to read TEE memory and return derived results to the REE. The flaw is tracked as improper input validation [CWE-20].
Critical Impact
A local REE caller can disclose TEE-resident sensitive data through raw memory reads, recoverable computed functions, or single-bit oracles built from repeated wrapper calls.
Affected Products
- Espressif ESP-IDF version 5.5.4
- Espressif ESP-IDF version 6.0
- ESP-TEE secure-service wrappers (esp_secure_services.c, esp_secure_services_iram.c)
Discovery Timeline
- 2026-06-10 - CVE-2026-45329 published to NVD
- 2026-06-10 - Last updated in NVD database
Technical Details for CVE-2026-45329
Vulnerability Analysis
ESP-TEE provides a Trusted Execution Environment on Espressif RISC-V SoCs by isolating sensitive code and data from the Rich Execution Environment. Secure-service wrappers expose controlled entry points so REE code can request operations on TEE-managed peripherals. The wrappers in esp_secure_services.c and esp_secure_services_iram.c validate output pointers but fail to validate input pointer arguments supplied by the caller.
The TEE-protected hardware peripherals (ECC, SHA, SPI) run in RISC-V machine mode (M-mode) with full address-space access. When the wrapper hands an unchecked input pointer to a peripheral, the peripheral dereferences it without honoring the REE/TEE memory partition. This allows the caller to direct a privileged peripheral to read memory the caller cannot read directly.
The disclosure surface varies by wrapper. Some return raw bytes copied from TEE memory. Others return a computed function of TEE memory, which an attacker can invert through repeated calls. A third class returns a single bit per invocation, forming an oracle that supports incremental disclosure of sensitive material such as cryptographic keys.
Root Cause
The root cause is incomplete argument validation at the TEE boundary. The wrappers do not enforce that input pointer arguments reference REE-accessible memory regions before passing them to M-mode peripheral drivers. The trust boundary between REE callers and TEE-resident data is therefore not enforced for read paths.
Attack Vector
Exploitation requires local code execution in the REE on an affected ESP-IDF device. An attacker invokes the vulnerable secure-service wrappers with crafted pointers targeting TEE memory ranges. Depending on the wrapper, the attacker reads bytes directly, reconstructs values from peripheral outputs, or runs repeated calls to extract data one bit at a time. No authentication is required because the wrappers are designed to be callable from REE code.
No verified public proof-of-concept code is available. See the GitHub Security Advisory GHSA-w82j-7q63-7pqm for vendor technical details.
Detection Methods for CVE-2026-45329
Indicators of Compromise
- Unexpected or high-frequency invocations of ESP-TEE secure-service wrappers from REE code paths that do not normally use ECC, SHA, or SPI services.
- Firmware images built against ESP-IDF 5.5.4 or 6.0 that have not been rebuilt against 5.5.5 or 6.0.1.
- Anomalous RISC-V M-mode peripheral access patterns observed during firmware tracing or emulation.
Detection Strategies
- Audit firmware for the affected ESP-IDF version strings and confirm whether ESP-TEE is enabled in the project configuration.
- Review REE application code for direct or indirect calls into esp_secure_services.c wrappers and flag callers passing externally derived pointer arguments.
- Apply static analysis to identify call sites where input pointers crossing the TEE boundary are not bounds-checked against REE-permitted ranges.
Monitoring Recommendations
- Track ESP-IDF version metadata across deployed device fleets and alert on devices still running 5.5.4 or 6.0.
- Monitor build pipelines and SBOMs for inclusion of vulnerable ESP-IDF commits referenced in the Espressif advisory.
- Where device telemetry is available, log secure-service wrapper invocation rates and investigate sustained spikes consistent with bit-oracle extraction.
How to Mitigate CVE-2026-45329
Immediate Actions Required
- Upgrade ESP-IDF to version 5.5.5 or 6.0.1 and rebuild all affected firmware images.
- Re-flash deployed devices running ESP-IDF 5.5.4 or 6.0 with patched firmware through your secure update channel.
- Inventory products using ESP-TEE and prioritize devices that store cryptographic keys or other TEE-resident secrets.
Patch Information
Espressif released fixes in ESP-IDF 5.5.5 and 6.0.1. The remediation adds validation of caller-supplied input pointer arguments in the ESP-TEE secure-service wrappers. Relevant commits include 145ba4c4, 7867f4a5, and eebabaff. Full details are documented in GHSA-w82j-7q63-7pqm.
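To make the root cause and the shape of the fix concrete, here is an added illustration (not code from ESP-IDF or the advisory): a wrapper that validates only its output pointer beside one that also validates the input range before an M-mode peripheral runs. The memory map, the simulated address space, and all function names are constructed assumptions; the "peripheral" is a toy XOR fold, not SHA.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed, simplified memory map (not the real ESP-TEE layout).
 * "Addresses" index a simulated address space so the example runs on any host. */
#define REE_START 0x1000u
#define REE_END   0x2000u   /* exclusive; the TEE region begins here */
#define TEE_END   0x3000u
static uint8_t sim_mem[TEE_END];

/* Hypothetical boundary check: the whole [base, base+len) range must lie inside
 * REE-accessible memory. The length test is a subtraction so base+len cannot
 * wrap around and slip past the upper bound. */
static bool ree_range_ok(uint32_t base, size_t len) {
    if (len == 0 || base < REE_START || base >= REE_END) return false;
    return len <= (size_t)(REE_END - base);
}

/* Stand-in for an M-mode peripheral: it reads whatever address it is handed
 * and does not know about the REE/TEE partition. */
static uint8_t periph_fold(uint32_t src, size_t len) {
    uint8_t acc = 0;
    for (size_t i = 0; i < len && src + i < TEE_END; i++) acc ^= sim_mem[src + i];
    return acc;
}

/* Vulnerable pattern from the advisory: only the output pointer is validated,
 * so a TEE address supplied as input is passed straight to the peripheral.
 * Returns 0 on success, -1 when an argument is rejected. */
int service_unchecked_input(uint32_t in, size_t len, uint32_t out) {
    if (!ree_range_ok(out, 1)) return -1;
    sim_mem[out] = periph_fold(in, len);
    return 0;
}

/* Fixed pattern: every caller-supplied pointer is checked before the peripheral runs. */
int service_checked(uint32_t in, size_t len, uint32_t out) {
    if (!ree_range_ok(in, len) || !ree_range_ok(out, 1)) return -1;
    sim_mem[out] = periph_fold(in, len);
    return 0;
}
```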
Workarounds
- If patching is delayed, restrict which REE components can invoke ESP-TEE secure-service wrappers and remove untrusted code paths that reach them.
- Rotate any cryptographic material that may have been exposed to REE callers on unpatched devices before placing patched devices back into trusted use.
- Disable ESP-TEE features that are not required by the application until firmware can be rebuilt against a fixed ESP-IDF release.
# Configuration example: verify and update ESP-IDF version
cd "$IDF_PATH"                          # root of the ESP-IDF checkout
git fetch --tags                        # pull the release tags
git checkout v5.5.5                     # or v6.0.1 for the 6.0 line
git submodule update --init --recursive # sync component submodules to the tag
./install.sh                            # install the toolchain for this release
. ./export.sh                           # load the IDF environment into this shell
idf.py fullclean && idf.py build        # rebuild firmware from a clean tree
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.