diff --git a/components/bt/controller/esp32c2/Kconfig.in b/components/bt/controller/esp32c2/Kconfig.in
index 43422b88f8..e6faecfe3a 100644
--- a/components/bt/controller/esp32c2/Kconfig.in
+++ b/components/bt/controller/esp32c2/Kconfig.in
@@ -658,3 +658,11 @@ config BT_LE_PLACE_CONN_RELATED_INTO_IRAM
 bool "Place the connection-related code into IRAM"
 depends on BT_CTRL_RUN_IN_FLASH_ONLY
 default n
+
+config BT_LE_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS
+ bool "Enable enhanced Access Address check in CONNECT_IND"
+ default n
+ help
+ Enabling this option will add stricter verification of the Access Address in the CONNECT_IND PDU.
+ This improves security by ensuring that only connection requests with valid Access Addresses are accepted.
+ If disabled, only basic checks are applied, improving compatibility.
diff --git a/components/bt/controller/esp32c2/bt.c b/components/bt/controller/esp32c2/bt.c
index 6767fae847..e2a5e9a5ea 100644
--- a/components/bt/controller/esp32c2/bt.c
+++ b/components/bt/controller/esp32c2/bt.c
@@ -197,7 +197,7 @@ static void esp_bt_ctrl_log_partition_get_and_erase_first_block(void);
 /* Local variable definition *************************************************************************** */
-#if CONFIG_ESP32C2_REV_MIN_FULL < 200
+#if (CONFIG_ESP32C2_REV_MIN_FULL < 200) && (!CONFIG_BT_CTRL_RUN_IN_FLASH_ONLY)
 void *g_ble_lll_rfmgmt_env_p;
 #endif
 /* Static variable declare */
diff --git a/components/bt/controller/esp32c2/esp_bt_cfg.h b/components/bt/controller/esp32c2/esp_bt_cfg.h
index ed9e7a0b02..9ecd35f4b0 100644
--- a/components/bt/controller/esp32c2/esp_bt_cfg.h
+++ b/components/bt/controller/esp32c2/esp_bt_cfg.h
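Review bot: The help text for `BT_LE_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS` does not say which Access Address values the stricter check rejects, nor what the "basic checks" still cover, so an integrator cannot judge the `default n` chosen here. I would spell out the rule set, for instance whether it follows the Access Address requirements of the Bluetooth Core Specification's Link Layer part, and name the compatibility cost concretely. If that matches what the library implements, something like `Rejects CONNECT_IND PDUs whose Access Address violates the Link Layer rules; leave disabled only if a deployed central is known to send non-conforming addresses.` would do. Since the option is described as a security improvement, the reason it is opt-in rather than enabled by default also deserves a sentence in the help text.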
@@ -220,6 +220,12 @@ extern "C" {
 #define DEFAULT_BT_LE_COEX_PHY_CODED_TX_RX_TLIM_EFF CONFIG_BT_LE_COEX_PHY_CODED_TX_RX_TLIM_EFF
+#ifdef CONFIG_BT_LE_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS
+#define DEFAULT_BT_LE_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS (CONFIG_BT_LE_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS)
+#else
+#define DEFAULT_BT_LE_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS (0)
+#endif
+
 #ifdef CONFIG_BT_LE_HCI_INTERFACE_USE_UART
 #define HCI_UART_EN CONFIG_BT_LE_HCI_INTERFACE_USE_UART
 #else
diff --git a/components/bt/controller/lib_esp32c2/esp32c2-bt-lib b/components/bt/controller/lib_esp32c2/esp32c2-bt-lib
index d246fa8764..339d66ea3d 160000
--- a/components/bt/controller/lib_esp32c2/esp32c2-bt-lib
+++ b/components/bt/controller/lib_esp32c2/esp32c2-bt-lib
@@ -1 +1 @@
-Subproject commit d246fa876402bcd9b16602dd0615c287ebc936bc
+Subproject commit 339d66ea3dce6e97bee6ce41aa3d06761efcaad2
diff --git a/components/bt/include/esp32c2/include/esp_bt.h b/components/bt/include/esp32c2/include/esp_bt.h
index 224fe5dd73..986701bf3d 100644
--- a/components/bt/include/esp32c2/include/esp_bt.h
+++ b/components/bt/include/esp32c2/include/esp_bt.h
@@ -173,7 +173,7 @@ esp_power_level_t esp_ble_tx_power_get_enhanced(esp_ble_enhanced_power_type_t po
 */
 uint8_t esp_ble_get_chip_rev_version(void);
-#define CONFIG_VERSION 0x20231124
+#define CONFIG_VERSION 0x20241121
 #define CONFIG_MAGIC 0x5A5AA5A5
 /**
@@ -233,6 +233,7 @@ typedef struct {
 uint8_t version_num; /*!< Version number */
 uint8_t ignore_wl_for_direct_adv; /*!< Ignore the white list for directed advertising */
 uint8_t csa2_select; /*!< Select CSA#2 */
+ uint8_t ble_aa_check; /*!< True if adds a verification step for the Access Address within the CONNECT_IND PDU; false otherwise. Configurable in menuconfig */
 uint32_t config_magic; /*!< Configuration magic value */
 } esp_bt_controller_config_t;
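Review bot: The doc comment on `ble_aa_check` does not say that a zeroed field means the stricter CONNECT_IND check is off, which is the value any caller gets if it fills `esp_bt_controller_config_t` by hand instead of through the default-initializer macro. It also describes a `uint8_t` as true/false; I would write it as `/*!< 1: verify the Access Address in CONNECT_IND more strictly; 0 (default): basic checks only. Set from CONFIG_BT_LE_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS */`. The struct definition starts outside this hunk, so it is not visible whether the new byte falls into existing padding before `config_magic` or shifts it. The `CONFIG_VERSION` bump in the preceding hunk presumably lets the library reject a mismatched layout, which is worth confirming against the updated submodule.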
@@ -279,6 +280,7 @@ typedef struct {
 .version_num = esp_ble_get_chip_rev_version(), \
 .ignore_wl_for_direct_adv = 0, \
 .csa2_select = DEFAULT_BT_LE_50_FEATURE_SUPPORT, \
+ .ble_aa_check = DEFAULT_BT_LE_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS, \
 .config_magic = CONFIG_MAGIC, \
 }
diff --git a/components/esp_rom/esp32c2/ld/esp32c2.rom.ble-eco4.ld b/components/esp_rom/esp32c2/ld/esp32c2.rom.ble-eco4.ld
index 5c59d8678e..1de9effc76 100644
--- a/components/esp_rom/esp32c2/ld/esp32c2.rom.ble-eco4.ld
+++ b/components/esp_rom/esp32c2/ld/esp32c2.rom.ble-eco4.ld
@@ -248,7 +248,7 @@ r_ble_ll_conn_set_global_chanmap = 0x40000e28;
 r_ble_ll_conn_set_phy = 0x40000e2c;
 r_ble_ll_conn_set_txpwr_by_handle = 0x40000e30;
 r_ble_ll_conn_set_unknown_rx_octets = 0x40000e34;
-r_ble_ll_conn_slave_start = 0x40000e38;
+//r_ble_ll_conn_slave_start = 0x40000e38;
 r_ble_ll_conn_sm_get = 0x40000e3c;
 r_ble_ll_conn_sm_new = 0x40000e40;
 r_ble_ll_conn_sm_npl_deinit = 0x40000e44;
@@ -316,7 +316,7 @@ r_ble_ll_ctrl_version_ind_make = 0x40000f38;
 r_ble_ll_data_buffer_overflow = 0x40000f3c;
 r_ble_ll_deinit = 0x40000f40;
 r_ble_ll_disconn_comp_event_send = 0x40000f44;
-r_ble_ll_env_init = 0x40000f48;
+//r_ble_ll_env_init = 0x40000f48;
 r_ble_ll_event_comp_pkts = 0x40000f4c;
 r_ble_ll_event_dbuf_overflow = 0x40000f50;
 r_ble_ll_event_send = 0x40000f54;
@@ -404,7 +404,7 @@ r_ble_ll_hci_vs_cmd_proc = 0x40001098;
 r_ble_ll_hci_vs_rd_static_addr = 0x4000109c;
 r_ble_ll_hw_err_timer_cb = 0x400010a0;
 r_ble_ll_hw_error = 0x400010a4;
-r_ble_ll_init = 0x400010a8;
+//r_ble_ll_init = 0x400010a8;
 r_ble_ll_init_alloc_conn_comp_ev = 0x400010ac;
 r_ble_ll_init_get_conn_comp_ev = 0x400010b0;
 r_ble_ll_init_rx_pkt_in = 0x400010b4;
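Review bot: The ROM symbols disabled in this file (`r_ble_ll_conn_slave_start`, `r_ble_ll_env_init`, `r_ble_ll_init` here, and the others in the later hunks) carry no comment saying why each is no longer taken from ROM, and the set is larger than the three disabled in `esp32c2.rom.ble.ld`. If the new Access Address check lives in one of the replaced routines, a chip revision whose linker script still assigns that symbol to its ROM address would, as far as I can tell, keep running the ROM routine without the check, possibly without a link error. I would put a short comment above each disabled line, e.g. `/* provided by the controller library: <reason> */`. I would also confirm that `esp32c2.rom.ble.ld` does not still export the routines that are disabled only in the eco4 script; that part of the file is not visible in these hunks.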
@@ -481,7 +481,7 @@ r_ble_ll_scan_can_chg_whitelist = 0x400011cc;
 r_ble_ll_scan_check_periodic_sync = 0x400011d0;
 r_ble_ll_scan_classify_filter_aux_init = 0x400011d4;
 r_ble_ll_scan_classify_filter_init = 0x400011d8;
-r_ble_ll_scan_common_init = 0x400011dc;
+//r_ble_ll_scan_common_init = 0x400011dc;
 r_ble_ll_scan_continue_en = 0x400011e0;
 r_ble_ll_scan_deinit = 0x400011e4;
 r_ble_ll_scan_dup_check_ext = 0x400011e8;
@@ -492,7 +492,7 @@ r_ble_ll_scan_dup_update_ext = 0x400011f8;
 r_ble_ll_scan_dup_update_legacy = 0x400011fc;
 r_ble_ll_scan_enabled = 0x40001200;
 r_ble_ll_scan_end_adv_evt = 0x40001204;
-r_ble_ll_scan_env_init = 0x40001208;
+//r_ble_ll_scan_env_init = 0x40001208;
 r_ble_ll_scan_ext_initiator_start = 0x4000120c;
 r_ble_ll_scan_get_addr_data_from_legacy = 0x40001210;
 r_ble_ll_scan_get_addr_from_ext_adv = 0x40001214;
@@ -514,7 +514,7 @@ r_ble_ll_scan_record_new_adv = 0x40001250;
 r_ble_ll_scan_refresh_nrpa = 0x40001254;
 r_ble_ll_scan_reset = 0x40001258;
 r_ble_ll_scan_rx_pkt_in = 0x4000125c;
-r_ble_ll_scan_rx_pkt_in_on_aux = 0x40001260;
+//r_ble_ll_scan_rx_pkt_in_on_aux = 0x40001260;
 r_ble_ll_scan_rx_pkt_in_on_legacy = 0x40001264;
 r_ble_ll_scan_rx_pkt_in_restore_addr_data = 0x40001268;
 r_ble_ll_scan_rxed = 0x4000126c;
@@ -567,7 +567,7 @@ r_ble_ll_sync_list_size = 0x40001324;
 r_ble_ll_sync_lost_event = 0x40001328;
 r_ble_ll_sync_next_event = 0x4000132c;
 r_ble_ll_sync_on_list = 0x40001330;
-r_ble_ll_sync_parse_ext_hdr = 0x40001334;
+//r_ble_ll_sync_parse_ext_hdr = 0x40001334;
 r_ble_ll_sync_periodic_ind = 0x40001338;
 r_ble_ll_sync_phy_mode_to_aux_phy = 0x4000133c;
 r_ble_ll_sync_phy_mode_to_hci = 0x40001340;
@@ -813,7 +813,7 @@ r_ble_lll_scan_rx_pkt_isr = 0x400016fc;
 r_ble_lll_scan_sched_next_aux = 0x40001700;
 r_ble_lll_scan_sched_remove = 0x40001704;
 r_ble_lll_scan_start = 0x40001708;
-r_ble_lll_scan_start_rx = 0x4000170c;
+//r_ble_lll_scan_start_rx = 0x4000170c;
 r_ble_lll_scan_stop = 0x40001710;
 r_ble_lll_scan_targeta_is_matched = 0x40001714;
 r_ble_lll_scan_timer_cb = 0x40001718;
@@ -1049,7 +1049,7 @@ r_put_le32 = 0x40001ab4;
 r_put_le64 = 0x40001ab8;
 r_rtc0_timer_handler = 0x40001abc;
 r_sdkconfig_get_opts = 0x40001ac0;
-r_sdkconfig_set_opts = 0x40001ac4;
+//r_sdkconfig_set_opts = 0x40001ac4;
 r_sec_phy_valid = 0x40001ac8;
 r_swap_buf = 0x40001acc;
 r_swap_in_place = 0x40001ad0;
@@ -1187,7 +1187,7 @@ r_ble_ll_trace_buffer_select = 0x40002f80;
 r_ble_ll_adv_vendor_hci_legacy_adv_clear = 0x40002f84;
 r_ble_ll_conn_is_lru_compare_with_sync = 0x40002f88;
 r_ble_ll_conn_rollback_last_unmapped_chan = 0x40002f8c;
-r_ble_ll_hci_vs_csa_set = 0x40002f90;
+//r_ble_ll_hci_vs_csa_set = 0x40002f90;
 r_ble_ll_hci_reset = 0x40002f94;
 r_ble_ll_adv_status_check = 0x40002f98;
 r_ble_ll_conn_status_check = 0x40002f9c;
diff --git a/components/esp_rom/esp32c2/ld/esp32c2.rom.ble.ld b/components/esp_rom/esp32c2/ld/esp32c2.rom.ble.ld
index 959cff0d7c..52c45ef817 100644
--- a/components/esp_rom/esp32c2/ld/esp32c2.rom.ble.ld
+++ b/components/esp_rom/esp32c2/ld/esp32c2.rom.ble.ld
@@ -387,7 +387,7 @@ r_ble_ll_scan_can_chg_whitelist = 0x400011cc;
 r_ble_ll_scan_check_periodic_sync = 0x400011d0;
 r_ble_ll_scan_classify_filter_aux_init = 0x400011d4;
 r_ble_ll_scan_classify_filter_init = 0x400011d8;
-r_ble_ll_scan_common_init = 0x400011dc;
+//r_ble_ll_scan_common_init = 0x400011dc;
 r_ble_ll_scan_continue_en = 0x400011e0;
 r_ble_ll_scan_dup_check_ext = 0x400011e8;
 r_ble_ll_scan_dup_check_legacy = 0x400011ec;
@@ -640,7 +640,7 @@ r_ble_lll_scan_req_backoff = 0x400016ec;
 r_ble_lll_scan_sched_next_aux = 0x40001700;
 r_ble_lll_scan_sched_remove = 0x40001704;
 r_ble_lll_scan_start = 0x40001708;
-r_ble_lll_scan_start_rx = 0x4000170c;
+//r_ble_lll_scan_start_rx = 0x4000170c;
 r_ble_lll_scan_timer_cb = 0x40001718;
 r_ble_lll_sched_adv_new = 0x4000171c;
 r_ble_lll_sched_adv_resched_pdu = 0x40001720;
@@ -838,7 +838,7 @@ r_put_le32 = 0x40001ab4;
 r_put_le64 = 0x40001ab8;
 r_rtc0_timer_handler = 0x40001abc;
 r_sdkconfig_get_opts = 0x40001ac0;
-r_sdkconfig_set_opts = 0x40001ac4;
+//r_sdkconfig_set_opts = 0x40001ac4;
 r_sec_phy_valid = 0x40001ac8;
 r_swap_buf = 0x40001acc;
 r_swap_in_place = 0x40001ad0;