CVE-2025-68622 MEDIUM

CVE-2025-68622: Espressif ESP-IDF USB Host UVC Class Driver has a stack buffer overflow in UVC descriptor printing

Vendor Espressif
Product esp-usb
Weakness CWE-121
Published January 12, 2026
Last update January 12, 2026

CVSS base score

6.8/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class (UVC) device to trigger a stack buffer overflow during configuration-descriptor parsing. When UVC configuration-descriptor printing is enabled, the host prints detailed descriptor information provided by the connected USB device. A specially crafted UVC descriptor may advertise an excessively large length. Because this value is not validated before being copied into a fixed-size stack buffer, an attacker can overflow the buffer and corrupt memory. This vulnerability is fixed in 2.4.0.

Key dates

02Disclosure timeline

January 12, 2026 CVE published
January 12, 2026 Record updated