I can see data is still in queue buffer even client read it.
Have it sense to wipe it ?
And may be have sense to disable QueuePeek API.
Main idea is limit all places where temporary ( sensitive ) data are available more than they really need.
( void ) memcpy( ( void * ) pvBuffer, ( void * ) pxQueue->u.xQueue.pcReadFrom, ( size_t ) pxQueue->uxItemSize ); /*lint !e961 !e418 !e9087 MISRA exception as the casts are only redundant for some ports. Also previous logic ensures a null pointer can only be passed to memcpy() when the count is 0. Cast to void required by function signature and safe as no alignment requirement and copy length specified in bytes. */
#if ( configUSE_QUEUE_STORAGE_WIPE == 1 )
( void ) memset( ( void * ) pxQueue->u.xQueue.pcReadFrom, 0x00, ( size_t ) pxQueue->uxItemSize ); // wipe
#endif // #if ( configUSE_QUEUE_STORAGE_WIPE == 1 )