CyberSecurity news
FlagThis
@cyberalerts.io
//
An undocumented "backdoor," which is really undocumented commands, has been discovered in the ESP32 microchip, a product of the Chinese manufacturer Espressif. This chip is a cornerstone in the Internet of Things (IoT) ecosystem, providing essential Bluetooth and Wi-Fi connectivity. It is widely used in over a billion devices as of 2023. The "backdoor," as it is referred to, could be leveraged for attacks including spoofing trusted devices, unauthorized data access, and pivoting to other devices on the network.
This discovery was made by Spanish researchers Miguel Tarascó Acuña and Antonio Vázquez Blanco from Tarlogic Security, who presented their findings at RootedCON. Their research underscores the critical need for robust security measures in IoT devices. The potential impact could be extensive, considering the chip’s widespread usage. This discovery raises concerns about the security of numerous devices and systems that rely on the ESP32 for their operations.
ImgSrc: www.bleepstatic
References :
This discovery was made by Spanish researchers Miguel Tarascó Acuña and Antonio Vázquez Blanco from Tarlogic Security, who presented their findings at RootedCON. Their research underscores the critical need for robust security measures in IoT devices. The potential impact could be extensive, considering the chip’s widespread usage. This discovery raises concerns about the security of numerous devices and systems that rely on the ESP32 for their operations.
ImgSrc: www.bleepstatic
Share:
References :
- infosec.exchange: Ok, poll for the "supply chain risk management" people! There's a backdoor in the ESP32 wifi/bluetooth chip.
- Anonymous ???????? :af:: The ubiquitous microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented "backdoor" that could be leveraged for attacks.
- The DefendOps Diaries: Discover the ESP32 backdoor's impact on IoT security and the urgent need for robust protection measures.
- www.bleepingcomputer.com: The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented "backdoor" that could be leveraged for attacks.
- BleepingComputer: Infosec.Exchange post about ESP32 Microchip Backdoor
- BleepingComputer: Infosec.Exchange post about ESP32 microchip with undocumented backdoor.
- Jon Greig: IOC.Exchange post about the backdoor
Classification:
- HashTags: #ESP32 #IoTBackdoor #ChipSecurity
- Company: Espressif
- Target: IoT Devices
- Product: ESP32
- Feature: backdoor
- Type: Vulnerability
- Severity: Major