Source Link Privacy.
Tarlogic Security has detected a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present in millions of mass-market IoT devices. Exploitation of this backdoor would allow hostile actors to conduct impersonation attacks and permanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment by bypassing code audit controls.
Update: The ESP32 “backdoor” that wasn’t.
Is this some hardware flaw, or just something in their standard BT stack?
I was wondering the same thing. Wasn’t clear on whether these backdoors are there on purpose or because of mistakes
Removed by mod
Where in the article did it say that? Did you read the article?
Yes I indeed did read the article. It’s in the section regarding the sarcasm-ESP API