The invention discloses a lightweight method and a system for determining protocol vulnerabilities in an embedded system firmware. The method comprises the following steps: constructing a feature vector by analyzing a protocol and parsing code feature; using the constructed feature vector and a training set to train a support vector machine SVM, determining a protocol parsing code classifier modelfor identifying a protocol parsing module; using the trained protocol parsing code classifier model to identify the protocol parsing module in the firmware image code of a target system; for the identified protocol parsing module, using a dangerous code feature library to quickly scan the suspected vulnerable points of the protocol parsing module; extracting the data source paths of the vulnerable points on the basis of constructing a control flow graph, a control dependency graph, and a data dependency graph; and constructing a multi-type vulnerability mode based on a vulnerable-point-baseddata source path, and determining protocol vulnerabilities in the embedded system firmware by pattern matching. The lightweight method and the system for determining protocol vulnerabilities in the embedded system firmware can provide a technical support for network protocol security, Internet of Things/Industrial Control System security, and security testing.